Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories: 0 · Comments: 5,534

Comments · 5,534

  1. Re:Tough environments on MIT's New File System Won't Lose Data During Crashes · · Score: 3, Interesting

    I personally encountered a drive array driver causing an entire array to get overwritten by garbage. I was quite glad that I had tape backups of the computers and the shared array, so a recovery was fairly easy (especially with IBM sysback.)

    Filesystems are one piece of a puzzle, but an important one. If that array decided to just write some garbage in a few sectors, almost no filesystem would notice that, allowing propagation of corrupted data to backups. The only two that might notice it would be a background ZFS task doing a scrub and noticing a 64-bit checksum is off, or ReFS doing something similar. Without RAID-Z2, the damage can't be repaired... but it can be found and relevant people notified.

  2. Re:Never mind run Chrome extensions... on Firefox Will Run Chrome Extensions · · Score: 1

    That utility doesn't work if the passwords are encrypted with a master password as per their website. One will get an encrypted blob, but that's it. Maybe useful for backup, but not prying out what someone used for their latest vend a goat order.

    I do agree with you on another point -- in Chrome, I can do a shift-esc, and kill a lot of memory hogs per tab. No real way to do that in FF. Chrome also has better VM structure, keeping plugins a safe distance from the OS.

  3. It has a cool purpose... but perhaps encryption? on Meet Linux's Newest File-System: Bcachefs · · Score: 1

    I like the idea this filesystem is going for... it can be useful as a cache, so that hardcore random I/O is smoothed out before it goes onto HDD platters, so an SSD can function as a place for the OS, and as a cache between a drive array or slow external drives.

    My only addition would be encryption. If it is designed to work as a transient, ephemeral filesystem where data is only kept until it is safely copied to the real filesystem, then maybe encryption should be a part of this, with keys for data periodically changed out to ensure that data already written to the HDD is not going to be recovered, or if the cache is used as a read cache, the key would reside in RAM and the cache rebuilt on reboot.

  4. Re:Never mind run Chrome extensions... on Firefox Will Run Chrome Extensions · · Score: 1

    In some cases, stuffing them in a browser is worth it. There are a lot of websites which demand an account to do much (pinterest). With these, there is little lost if they get compromised (other than someone trying to troll from the account), so might as well toss worthless account IDs like that in someplace that is relatively convenient, and has some security.

  5. Re:Never mind run Chrome extensions... on Firefox Will Run Chrome Extensions · · Score: 5, Interesting

    Another nice thing about FF is that it has its own FIPS compliant data stores for passwords as well as its own separate keystore. Chrome and IE use the system's keys on Windows.

    This is important, because if someone gets a bogus root CA into the Registry, Chrome and IE will happily honor it, while Firefox will stop and point it out.

    FF also provides password protection for the keystore data. This way, if FF is left unattended (and a timeout is set), an intruder can't just walk away with a user's password stash.

  6. Anything is better than nothing... on Engaging Newbies In Email Encryption and Network Privacy · · Score: 3, Insightful

    Anything is better than nothing in this department. Without encryption, there is zero privacy.

    I'd say the first problem is teaching people why they want privacy in the first place. I either run into the attitude of "I don't care about what I do, I'm doing nothing illegal", or the attitude of "the bad guys will get it anyway."

    It is a similar attitude I see where people don't bother taking basic precautions with computers, assuming malware and reinstalling every few weeks to months is a fact of life.

    After actually getting users to back up and secure their systems (install patches, run an adblocker, enable some "click to play" functionality), the first part is getting them to make and securely store a PGP [1] key, making sure to remember the key's passphrase and keep a good backup in offline sites of the key [2]. From there, it is setting up a web of trust (I tend to respond to messages in kind. Encrypted messages get an encrypted response, for example.)

    The basics are not really hard to get down, but do take some time and thought, especially guarding one's private key, managing one's web of trust, and sending/receiving encrypted content. One of the advantages of OpenPGP is that the encryption format and the messaging format are independent. An encrypted message can arrive via SMS, SMTP, AIM, FB Messenger, a USENET post, file stashed on a USB flash drive, or many other ways.

    [1]: Technically OpenPGP format, be it done by PGP, netpgp, GPG, Symantec Encryption Desktop, APG, or another utility.

    [2]: I'd probably recommend buying three hardware AES encrypted USB flash drives. IronKey has the best reputation, and they have some cheapies that are not FIPS compliant that are relatively expensive ($35 for 4 GB)... but have a proven track record and are relatively reliable. Once a user copies their key to all three, the USB flash drives should be stashed in separate locations, as they shouldn't need to be accessed often.

  7. Re:Eight percent? on Stopping Universities From Hoarding Money · · Score: 1

    I might take that a step further: Let's separate education [1] from our education -system- which is broken and a money sink.

    First, we need more trades. IT is a mature type of trade now, so it should have a governing body similar to electrical, plumbing, and HVAC. Not certs (as who cares if a plumber is certified to install HepVo waterless traps, but people do care if a plumber knows the proper angle of tilt for drainpipes so poop doesn't wind up building up.)

    IT should be a trade, just like plumbing. Too much BS otherwise, because some "school" (even accredited ones) will be happy to teach someone about "fiber optics"... only to have the student have zero chance of a job once graduated.

    From there, education resulting in certificates [2]. Not just MCSEs and CCIEs, but generic specializations, such as teaching K-12, handling special ed kids, rifle training, and so on, with a standardized way to show that one has earned a certificate in this (and it passed some accrediting body, so they are meaningful.)

    K-12 is still meaningful. Everyone needs some type of unifying education and a lowest common denominator set of skills, things like being able to tip a waiter 21%, add up a bunch of figures to make sure a receipt is correct, be able to point to where the country is on a map that is in the news, have an understanding of branches of government, speak/write effectively, and have a set of basic critical thinking skills.

    [1]: Education/training, which needs a lot of help in US.

    [2]: Certificate in both the acknowledgement about training, as well as a cryptographic signed validation of this to make online checking of these easier.

  8. Re:automatically install firmware updates on Google Announces a Router: OnHub · · Score: 1

    The closest I've seen to this is probably Apple's AirPort Extreme/Time Capsule. Drop it in, use an iOS or Mac app to find and configure it, and it does a decent job of routing, allowing for external HDDs to work, and so on.

    Of course, it doesn't have the more advanced features like manual ACLs, but for an average user, it does the job without issue.

  9. Re:Virtualization requires memory on Revisiting How Much RAM Is Enough Today For Desktop Computing · · Score: 1

    There are always scenarios that one doesn't realize, but come in handy. For example, having a pfSense appliance in front of a Windows VM to ensure that nothing leaks in case the VPN tunnel to work gets dropped. VMware Workstation does do a number of tricks to help maximize use of RAM, but in any case, there is no substitute for it, even if it is just there being used for caching. VMware Fusion is even more RAM hungry, so having 16 or more GB of RAM available (plus an SSD if possible) doesn't hurt and can save headaches, especially when travelling.

    Of course, it would be nice if VMware made an ESXi variant that allowed VMs to use the local keyboard and monitor, with any 3D acceleration from the video card available. That would be nice for being able to run a game, but keep Windows firmly away from the hardware, and ESXi does a great job at dealing with RAM overcommits, so if one adds more SSD, paging isn't too bad.

  10. Re:VM's on Revisiting How Much RAM Is Enough Today For Desktop Computing · · Score: 1

    The nice thing about VMs is that you can snapshot the compromised instance, roll back and fix a known clean copy, and you still have the ruined one for forensic work. It also keeps the bad stuff away from the bare metal, so even if the VM gets nailed, a simple snapshot rollback will take care of the job.

    VMs are more of a "why not" than "why" these days.

  11. Re:Running a single game? on Revisiting How Much RAM Is Enough Today For Desktop Computing · · Score: 1

    I used to find that XP + a Web browser would fit comfortably in 512 MB of RAM on a VM. However, since XP is no longer supported, 2 GB is what is decent for running a sandboxed web browser [1] in Windows 7 without having it start thrashing.

    Some applications (accounting software) I like keeping in their own VM, so 4 gigs is useful as well.

    For any office suite, 4GB, hands down. 2GB just doesn't cut it.

    As for the base machine, if one does basic virtualization as a way to separate tasks (browse the web in one VM, etc.), I would say that 16GB is a must, preferably 32 because the RAM that isn't used can be used as a read cache. Also, since one is dealing with multiple operating systems all vying for control of the read-write head, an SSD will make a lot of difference as well just because of all the random I/O requests (the I/O blender effect is what the trade rags call it.)

    [1]: Sandboxie. Nothing is 100% secure, but it doesn't add that much more work, and adds a definite layer of security.

  12. Re:I don't want to be tracked on The Agonizingly Slow Decline of Adobe's Flash Player · · Score: 2

    They have already won that battle. Try visiting EFF's Panopticlick, and almost invariably, any browser will be unique, because of the order of add-ons installed, the browser's ID, or fonts.

    I also use the above mentioned tools (as well as a customized hosts file), but I also run the browser in a VM, just so if something bad gets past the add-ons, it cannot touch the bare metal of the computer, nor affect useful data.

  13. Re:Interesting. on BitTorrent Clients Can Be Made To Participate In High-Volume DoS Attacks · · Score: 1

    I've never understood why people bag on rar. In fact, it is one of the few programs that I have a volume license for because it winds up on every box and general purpose VM I own.

    The main reason is that it is a stable archive format. I grab a stack of multi-part archives I burned on CDs 10 years ago, and I have an excellent chance of pulling a file off. Dead CD? I just put the media in with the recovery volume, and that is only if the error correction recovery record I added (usually 5-10%) didn't cut the mustard. Plus, I can then save the archive (repairing any damage) if needed. Had I used .tar.bzip2 or .tar.xz, I probably would be SOL, especially with a database backup image that spanned more than one piece of media.

    Plus, I can extract the archives on many other platforms. Of course, there are other utilities (PAR, 7Zip, Stuffit Deluxe), but not many provide error correction as part of the archive file, encryption, multi-volume spanning, and decent compression.

  14. Re:Classic FUD on Ask Slashdot: Buying a Car That's Safe From Hackers? · · Score: 1

    It depends. If a car thief could use some device to pop open door locks in order to snatch your phone's charger or pop the trunk hoping for a laptop, they would.

    On a higher scale, attacks against many cars at once have happened. A few years ago, there was a used car dealership which used boxes installed on all vehicles that required people who financed through the dealership to type a PIN weekly, which was on the payment receipt. If a PIN wasn't put in, the vehicle would not start. One ex-employee decided to "hack" (i.e. log on using a valid employee's user and password) the system, and disabled all customer cars, where they stalled immediately, wherever they were, be it on the highway, parked, in a school zone, and started honking their horns. This caused a pretty sizable traffic jam because there were a number of these on the roads, and all had to be towed off.

    Now imagine this on a larger scale, something like GM's OnStar. Another hurricane barreling on New York, and someone using OnStar to deliberately disable vehicles evacuating. Now the impact of the disaster is magnified because nobody can escape by car.

    There are a lot of groups who would love to be able to take credit for that.

    So, yes... everyone's vehicle is at risk.

  15. Re:65 VW Bug on Ask Slashdot: Buying a Car That's Safe From Hackers? · · Score: 1

    Any new diesel made in the past few years has an extensive vehicle computer, mandated by the EPA (and Euro6.) For example, if the piss tank is empty, by law, the vehicle has to be disabled until it is filled. Similar if the particulate filter is clogged or bypassed.

  16. Re:Shaped batteries for cars on Printing Flexible Lithium-Ion Batteries · · Score: 1

    Nail, head hit. The one use I can see for flexible lithium cells in this case would be to shape them to allow for liquid cooling, or for liquid heating, since lithium batteries cannot be used if their temperature is too low. Of course, if there are issues with the liquid flowing, there need to be failsafes for that.

  17. Re:Shaped batteries for cars on Printing Flexible Lithium-Ion Batteries · · Score: 1

    Another problem is that lithium batteries catch fire if physically damaged. With how lawsuit-happy the US is, where even 9mm ammo says, "DO NOT EAT" on the box, I bet someone would start gnawing on a watch band, punch through the battery's enclosure, get burned, sue, and score a big win in the courts.

  18. Re:fix it first on Redefining Security Visualization With Hollywood UI Design · · Score: 2

    There is some merit to a status display at a glance, just to see alerts. However, there are a ton of things that need to be in for thought:

    1: The alerts have to be meaningful. I've worked with more alerting programs than I care to remember (Netview, OpenView, Big Brother, hobbit, SCOM, SCVMM, vSphere, xymon, Splunk, SenSage, SolarWinds, tripwire and many others), and the biggest problem with all of them is having them hand you alerts that actually matter. A status screen always glowing red because some development server has some glitch with a driver is pointless, and makes the display worthless. Similar with alerts from vSphere. Setting CPU overuse alarms for some VM that nobody gives a rat's ass about is just a waste of time.

    Even things like disk array warnings can be meaningless. I have encountered equipment that always had its disk array throwing exceptions and soft-failing disks.

    Configuring this to be meaningful is the tough part. Alerts with a 10 pucker factor at a bank (Oracle RAC cluster down to one node) may wind up having a PF of 0 over at a development site where they only have one node to start out with.

    I learned this with Splunk dashboards. One person just may not care that some machines have high RAM usage. Another person might be highly concerned because RAM provides a fast cache for reads.

    2: The alerts have to have proper severity. Not everything that shows up needs to be a double-plus-flashing-red alert. There are items that are warnings, notices, or even debug messages that can pop up, which are extremely notable.

    3: The alerts have to show something useful. Random icons turning red don't mean much unless there is a way to expand exactly to what it means, what is affected, when did this happen, and so on.

    In reality, instead of having some display with some Hollywood-esque graphic on it, just give all the IT people another monitor and a customizable dashboard panel. This does the same function, and will wind up being far more useful than something graphical just for graphics's sake.

  19. Re:Gotta love the idiocy of the British Government on The UK's War On Porn: Turning ISPs Into Parents · · Score: 1

    What I don't get is how the Cameron government assumes people are stupid. With VPN services so easy to access, unless they wanted to play a cat and mouse game with blocking anything that remotely even looks like an encrypted IP tunnel, these pornography laws are pointless. Of course, with Draconian laws will come the blowback. The UK hasn't had the folly of the US's Prohibition and War on Drugs, and I hope their government is smart enough to not fall into that trap.

  20. Re:Will Ad Blockers Kill the Digital Media Industr on Will Ad Blockers Kill the Digital Media Industry? · · Score: 1

    The turning point was in the early to mid 2000s, when worms, executable E-mail, and infected Word documents were dealt with by signing, spam control, and just not running code in the E-mail, period. Once that vector of infection was stopped, other than Trojan horses, it became the Web browser (and add-ons) that has become the largest vector of infections, because it constantly is in contact with untrusted, likely hostile code.

    As for AV, I've yet to see a normal antivirus scanner be able to deal with an exploit crawling out of a browser or add-on. The sole exception to this is Malwarebytes because it blocks malicious sites by IP. However, that doesn't give full protection, since an ad server can be completely benign for 99.999% of the time, then when it notices IP addresses from a certain range, serve up something malicious.

  21. Re:Will Ad Blockers Kill the Digital Media Industr on Will Ad Blockers Kill the Digital Media Industry? · · Score: 4, Insightful

    What I find pathetic is that these companies, oftentimes the source of the most abusive and invasive software on the Internet, call themselves the victims when people just block their garbage.

    It has gotten so bad, that in the last 10 years, it is quite obvious that the #1 defense against malware on a computer is not a firewall, nor is it an AV program. It is an adblocking extension coupled with some form of click to play or NoScript. In fact, if a user doesn't run anything downloaded, adblock/noscript/updated browser/firewall is pretty much all they need for adequate security.

    Of course, iOS/Android tend to not be that much better. Half the time, you find sites trying to shunt over to the App Store for some brain-dead F2P/P2W clone of Candy Crush or junk like that. Using Dolphin Browser on Android does help with this.

    The problem isn't the ads. Plain old static banner ads did work. Google text ads are useful. The actual problem is greed. The banner ads were replaced by tower ads, content was moved from one page and broken up into 5-30 pages. Hyperlinks were replaced by mouseovers. Even photos are broken up requiring 4-5 pages to see the entire pithy meme.

  22. Re:What is this? A BS Business term paper? on Will Ad Blockers Kill the Digital Media Industry? · · Score: 1

    Nothing wrong with the CIS interface. Type in "go wherever", and you can read what you want. Similar with newsgroups pre-Canter/Siegel where trolls would feel the wrath of their local BOFH quite quickly.

    I just think it will get worse. Windows 10, with its privacy settings that allow all your data to be slurped up, and the Edge browser which doesn't allow for extensions like AdBlock, but is happy with add-ons like Flash. DRM extensions are already in all major browsing platforms, so I wouldn't be surprised to see all content DRM-protected, just to protect the ads, similar to the all-Flash web pages back in the early 2000s to bypass hosts files and such, but were killed by devices that didn't play well with Adobe's add-ons. I also wouldn't be surprised to see more websites refuse to work on mobile sites unless via their app.

  23. Re:Ad blockers aren't; ads are. on Will Ad Blockers Kill the Digital Media Industry? · · Score: 2

    The ironic thing is that Google has done extremely well with their quiet text ads. Apple has done well with their relatively unobtrusive iAd platform.

    The problem is that nobody cares to fix this problem:

    The ad slingers can play three-monkeys when bad guys use their networks for malvertising, then they whine when people block their stuff. They have zero accountability. If, instead of malware, it was infringing IP, said ad servers would be out of business immediately.

    It is easy to blame the "evil adblockers", and try to start countering it. Newsweek uses scripts so it doesn't display if it detects AdBlock for example.

    I'm not going to be surprised to see an arms race between people wanting to keep their networks clean, versus advertisers who want to be ever more intrusive.

    The advertisers are winning on one front -- they can find you... I have yet to see a Web browser that doesn't score "unique" on EFF's Panopticlick and have decent functionality, so I have to filter sites by IP and hostname, so the nasty behavioral tracking sites can't get in contact with the browser in the first place... and when they do, the browser is sandboxed, in a VM, or both to minimize potential damage.

  24. Re:Ad Blocking on Will Ad Blockers Kill the Digital Media Industry? · · Score: 5, Interesting

    Last time I used a VM without ad-blocking, it seemed almost every page I visited had ads that started talking or playing music. About ten minutes into browsing on a popular social network site, the VM got nailed by scareware, apparently through a hole in a browser add-on.

    The real life example is people offering you newspapers for free if you open the door and listen to a sales pitch... but then some newspaper companies started having a percentage of their salespeople hold the people at gunpoint and do a home invasion, so the smarter people just don't open the door.

  25. Re:The reason they're doing better than others... on Tim O'Reilly and the 'WTF?!' Economy (Video) · · Score: 1

    The last time I've had to use a taxi, I called to see about a cab to pick me up at one of the more notable hotels, waited about 30 minutes with no vehicles other than the people loading/unloading, then got a text that I owed them a no-show fee.

    Uber/Lyft seem a lot more friendly than that. They might even bother to show up.