Most consumer electronics companies embed moisture and shock detection elements in their products. It is in their best interest to protect themselves against warranty fraud and abuse. In some cases, they will overlook these items, depending on the circumstances surrounding the story. I know for certain that RIM (BlackBerry) has these in their devices too.
Apple is far from alone in this regard. It is a very common practice in high-value, portable consumer electronics.
That 'somebody' was Ken Thompson in his acceptance of the Turing award in 1984 (how apropos):
http://cm.bell-labs.com/who/ken/trust.html
The idea is that the compiler can insert a backdoor into the login program when it is compiling it. Secondly, it can insert this backdoor into the compiler when it is compiling itself. The source no longer shows the infection. This is devious and fascinating.
Bah! Kids these days!
Although some of the concepts in TFA are interesting, it is certainly building on ideas that have passed before it.
Much work has been done on emergent behaviour in aggregates of simple organisms, for example the early work of Craig Reynolds is a pivotal paper in this area and widely regarded as a key work in this area. When, you might ask? 1987 of course. Bonus points that it was done in LISP. (ObXkcd link).
1) The ability to turn the volume up or down in a wider scale than they give us.
Indeed. A personal frustration for a long time.
2) The phone to tell me what the hell it's doing signal-wise.
I had a phone that could do this. The older Nokia series phones had a secret test mode that was easy to enable. On this you could see the towers/cells being tracked and the SNR/SL for each. Would fit the bill nicely. See below.
3) A phone that doesn't fucking break.
Again, the (photo) Nokia 8890 that I had was a masterpiece of design -- solid, simple, reliable. It was easily 90% of all that I wanted in a phone and I have yet to see a phone that can live up to this simple, solid design.
replace SIM cards with SD cards
Problem is that they serve entirely different purposes. The SIM/UICC card is taking place in the network authorization and authentication. It contains a secret key for which the network has a public key and is the cornerstone of how you sign into the network. It is also 'practically' impossible to clone - by design, to ensure subscriber access control. Although they look the same they serve entirely different purposes. I agree that an SD card would be very nice though (in addition).
I carry a circular slide rule in my briefcase for checking quick calculations and the various basic problems that pop up that are 'multiply/divide' ratio style problems. Here is a photo of this story's page along with my trusty CR-2 slide rule. (Many basic items, from time and distance to power or area calculations.) The circular slide rule is still a basic tool used by pilots (when things that take batteries fail) and you can even purchase watches that have them built in from companies like Citizen, Seiko, Breitling and others. Once you travel internationally and realize you have an instant currency converter on your wrist, you appreciate how useful they can be. I also have my father's slide rule from the 40s and 50s when he was studying engineering. It does far more than the circular rule (logs, 10 and natural).
There is something very useful about using these tools, they help you get a sense for the order of magnitude of your answer and you can frequently catch stupid mistakes when you are FORCED to consider the order of magnitude as you work the problem quickly and efficiently. Posters that have pointed this out ahead of me are spot on.
It might shock you, after reading all the above, to learn that I'm under 40 and live in North America. :-)
Somehow you didn't notice section 26 of RFC 3261 or RFC 3711?
There are many interoperable, secure SIP devices -- the industry chooses not to deploy them for a variety of reasons, some good, some bad.
Surely they meant to say "cooling off" not cooling offer.
A cooling offer sounds more like an M&A gone bad or a real estate deal that sits around too long.
In related news, Ford Motor Corp. announced today that they are capping the top speed of their popular F-150 series pick-up truck to 30 mph (50 km/h) in order to reduce the likelihood of people using their truck to drive to work.
I'm not convinced that everybody has "secrets" that they would want to hide. Some people do not. However, that said, it is critical to protect the right to privacy. People today likely don't care because they don't understand a very important thing: when things are off-line, manual and require manual investment of time and energy, they become less accessible and therefore, appear to be somewhat private. This is not true when searches and correlation can be automated.
In a society that codifies and archives data and facts online, protection of information can only be assured via unassailable proofs, cryptographic methods and legislation to support this right. I think this is where the media has done all of us a disservice. We should / could all benefit from this issue being presented as a serious concern, otherwise we will soon find ourselves not only without any privacy, but without any means to defend it.
I am quite confident that they are not doing full-risks on a 100% random selection of people. I've been flying, on average, 100 flights per year for the last 4 years and I think I was randomly selected for search 2 years ago when I purchased a one-way same-day cross country ticket on a carrier I don't normally fly with. That said, I have done the exact same thing on a carrier that I fly with all the time and there was no extra security.
You figure it out, that's 1, possibly 2 searches in ~400 flight segments. If it is random, we aren't screening a large percentage of people, that's for sure.
When I think that strawberries from Watsonville (an hour from here) cost less in Tennessee at a WMSC than they do locally at Albertsons, it becomes immediately obvious how badly the general public is getting screwed by these other chain stores. Hint: there are more Albertsons stores (2500) than WM Supercenters (2000), therefore Albertsons has MORE buying power and should be able to charge LESS for everything. So why do I pay, on average, half again more for groceries than folks at WM Supercenters in similarly expensive metro areas? I'll tell you what it isn't. It isn't the cost of employees. They make up a tiny fraction of the overhead of running a store.
You need to be careful not to confuse total stores with total volume of product moved. Wal*mart has one of the most efficient supply-chain systems ever implemented. This is what allows them to push their costs down and earn similar (or more) per transaction compared to operations like Albertson's. Albertson's may also have union labor; something that changes the cost of employees significantly.
The answer is corporate greed... and on the grand scale, Wal-Mart shows less corporate greed than most other companies. [...] When I can buy a COLD soft drink in a vending machine outside a Wal-Mart for about what it costs to buy it in a twelve pack at Albertsons or Target, somebody is getting greedy, and it isn't Wal-Mart.
And it isn't Albertson's either. The machines outside most stores are run by an independent vending machine operator without an affiliation with Albertson's, Safeway or whomever. In some cases, there are agreements to couple a store with a particular operator in a particular region or city, but the pricing of these machines is not set by the store in these cases.
Consider that what you do with the computer will have an enormous impact on what you ask of the HDD subsystem. If you develop software at all, running a compiler on a complex project with hundreds of files is very I/O intensive. Improved hard drive performance can make a tangible difference to the compile time (and therefore development-test-debug cycle time) for many developers.
A Vax 11/780 at the DEC office in Ottawa, ON circa 1978. Photo courtesy of Wikipedia
Star Trek Calendars, Tax Tables, and Snoopy Games. Oh, and a Wumpus. :-)
Shortly thereafter, I messed around with a Sinclair ZX80. I was hooked. I love the smell of solder flux in the morning.
Moved through a second-hand HP calculator (desk sized) that included a thermal printer and a 'magnetic card reader' for storage. It used RPN and it was addictive. (Noisy, and gave the impression it was working hard when it calculated.)
I didn't see an x86 until the early 90s. A feat that likely helped me quite a bit.
Apple's Mac OS/X supports the native creation and use of AES-128 CBC crypto on disk images. It would be trivial to set up the iPod to be as secure as your key management processes.
Re:Why you shouldn't use OpenSSH, on OpenSSH 4.2 released · Score: 4, Interesting
Honestly, I've known Theo for over 15 years. That's longer than almost everyone else who has an opinion here.
That said, Theo is outspoken, loud, somewhat obnoxious and sometimes very hard to deal with. None of that affects the quality of his work. It certainly affects the quality of interaction you might have with Theo, or the perception you might have around his projects.
I certainly would not conduct my personal affairs with the same aplomb as Theo, nor would I piss in my own Corn Flakes quite like Theo can. This aside, Theo is an intelligent, smart individual and those who choose to draw from him that which is valuable will recognize that his different viewpoints, although sometimes objectionable, are just that : different viewpoints.
Sometimes, in the realm of the übergeek, it is difficult to remember that the goal is to produce the best software possible for the consumption and use of others.
I would never, (I repeat: NEVER), conduct my social affairs in the same fashion as Theo, however, I would be a happy man to be able to hang my hat on the solid line of quality software that he and his cadre of loosely joined pieces have brought us all.
I have partied with de Raadt, I have climbed, caved and even swooned over the same ladies. None of this matters. In the end, love Theo or hate him, he has contributed much to the OSS world and much to the security realm.
I may not choose to give him a grant allocation or hire him for my firm, however, Theo is Theo and at least he holds a consistent standard for himself and those who contribute to the projects he administrates. For this we can all be thankful. Integrity is an essential element of honor; if you do not agree with how Theo conducts his affairs; so be it, but I think Theo makes the effort to conduct his own affairs within his own code of honor. Even if this code is incompatible with my own (and it appears to be) I have to respect that.
AFAIK MSIE does run on Apple's OSX, or is my little fox holding the wrong lightbulb.
MSFT has end-of-lifed MSIE on the mac a couple years ago.
See a report on this here; note that this was in June of 2003, over 2 years ago.
Current releases of OS X do not include MSIE.
In fact, I never burned an audio CD or downloaded music in all the years prior to the CD/R levy. Now I just don't care and burn whatever I feel like. If it's good, I'm likely to go buy it anyway since the quality is better from original CDs.
What a stupid law indeed.
Re:Killer Crypto Application - secure SIP, on VoIP Security · Score: 1
Oh, so you just want SIP. SIP is secure. Current deployments might not be.
http://www.ietf.org/rfc/rfc3261.txt
Read all those parts about SRTP, TLS and SIPS.
Thanks for taking the time to reply. I realize that I jumped to a bit of a hyperbole-style conclusion, and should have taken the time to make it clear that I read TFA. :-) But what would slashdot be without a little flag waving. All the same, I appreciate the clarification.
Well, most personal blogging software and application servers that rely on 302 redirection to present a consistent top-level URI scheme won't work properly anymore. One can only spend so many minutes a day writing /. posts. So this got left out, oh well. Thanks for the constructive criticism (ugh).
World of hurt might be drastic, but people should carefully consider the impact before implementing solutions.
They might be lying and they might not.
Well, you need quite a bit of bandwidth for transferring the worm and virus payloads.
Theo? I didn't know Theo was in New Zealand.
Not at all new. Fido (aka Microcell) now part of the Rogers family launched '#DJ' service last year around this time.
It's not likely just the photo viewer software. Some SONY TVs boot linux for the control / UI portion of the interface. [Or so I've been told].