Microsoft has been threatening Linux for years. I mean, they even helped fund SCO's ridiculous lawsuits.
This isn't new behavior for them. It's a way to turn a free (in software costs) product cost money. Honestly, I'm surprised they didn't go this route when Android first came on the market. They probably didn't want to go after Google directly back then.
The largest recent change has been the massive (and illegal if you look at the trial details) winnings in the Samsung case.
If they follow through with it, and if the other browser makers follow them, then you won't have to worry about it.
A CA's business is all based on trust. As soon as they're known to be untrustworthy then they're dead. Well, for any commerce or banking site at least. I expect the governments to still use them though. Even being suspect is enough to drive business away.
What we need is browsers pushing DNSSEC. Users are trained to look for the green padlock. If you display it as say yellow for a secure sight without DNSSEC your users will start to notice. Once DNSSEC becomes mainstream you can use that for key signing as described in other posts on this topic.
I've tried getting the kernel code for the Thunderbolt's ICS upgrade. The reply I received was a boilerplate response to the "When's the next update going to be" question. That was last week. So, no I do not think they're getting better. The GPL's source code requirements are a joke unless a kernel dev feels like spending money to hire a lawyer.
Honestly, if Samsung wanted to trash HTC that's how they should do it. They should contribute code to the Linux kernel, request a copy of all the different source code used on devices, then sue HTC for non-compliance. If there's one line different in any of the open source parts of a phone update, then the company needs to make a separate source tarball for each individual update (I know there are different ways, but source tarball/zip is what HTC does). If HTC is found to infringe, then by the GPL, they can't distribute the software until they're in compliance. That's what 50 million cases of copyright infringement.
The engineer spends some time talking about some of these things. They use Google's street view images to make detailed maps. The car knows what lanes exist, where the stop signs are, where the lanes are, what the surrounding terrain is like etc... before it even leaves the garage. If there's too big of a difference between the map and actual conditions, it switches to manual mode.
Current car AI systems aren't perfect. He even says in the video that they don't handle snow. But, a system with known limitations that preforms well in its competency zone is nothing to sneeze at.
One of the big things this should allow is more people following your path to citizenship. I think one of the things Americans dislike about the H1B visa program are the number of people who don't stay, or have companies that make it difficult to obtain citizenship without having the companies boot on there necks.
Just look at the GAO report on the issue. The largest employers of H1B visa workers are staffing firms. Quite a few of which use the H1B as a job training visa. Then they can outsource the job back to India.
Honestly, why do people hate on products that obviously don't meet there needs? I understand being upset that something doesn't have what you want, but bashing the creators over and over again just gets old. If it doesn't do what you want, then just don't use it.
Wayland is designed to be much lighter than X11. It does this by offloading as much as possible onto either the kernel or the application. There are pros and cons to doing things this way. Just because you don't think it's worth it, doesn't mean you should be rude to the people who disagree./End Rant
It's a computer in the form factor of a PCMCIA card. The whole goal of the project is to have upgradable tablets and laptops. You just pop the old card out, and put a new one in.
It's a laudable goal, but more hardware manufacturers would need to support it. Honestly, at some point they need to come out with a high performance x86 one.
Watch some of the videos about EVE online's economy. The game designer even has an in house economist to keep track of it all.
The key is to add money sinks as well as money sources. For instance, money used to buy something from an NPC is gone. So, you can adjust the inflation within the game by both tweaking drops/rewards, and item prices.
Of course, most games just have an auction house, while EVE is an entire player based economy.
And how long have police radios relied on insecurity? That's the same question you're asking.
The protocol is very secure and error resistant. It is not, and never has been spoof resistant. All of these signals are unencrypted, and that's a good thing. I don't know about you, but I enjoy seeing where all the planes are. Or are you against open data?
Saying that you could modify the behavior of an airplane by spoofing these signals is like saying you could modify a cars behavior by spoofing GPS signals. Well duh, you can modify an instrument or two, but aircraft have a bunch of backups, the most important ones being the pilots. Actually, GPS spoofing doesn't even work against airliners. They have internal measurement units, and laser ring gyros as redundant backups. You have three fully separate systems voting on everything, including position information.
While someone could in theory spoof some messages, there are reasons why Die Hard 2 was stupid. The largest one being, that pilots have charts that they are required to keep updated, and look at before a flight. They know where they are, and they have good old fashioned paper maps of where everything else is, and it's elevation.
I think that's the automatic lane keeping feature. Something that should be mandatory in all cars. Of course, I think all cars should come with adaptive cruise control with pedestrian detection. So make of it what you will.
Google's cars actually speed. The engineers quickly found (or knew beforehand) that obeying the traffic laws as written was a good way to either cause an accident, or never get to your destination.
I was pleasantly surprised to see a Century Link DSL modem/wifi router come preconfigured with a WPA2, and a random passwords. Both the admin password and the WPA2 password were printed on the sticker on the bottom.
If Century Link can do it, anyone should be able to.
It seems Verizon pushed an update to his specific wireless card. This update allowed it to receive phone calls, thus allowing them to "ping" him in particular. It also set the preferred tower list so that the stingray would always be connected to first.
The fun thing is that by modifying his wireless card, the FBI has "planted" a tracker on him. That requires a warrant. If this guy was such a big deal, then it shouldn't have been hard to get the warrant. The problem is the FBI didn't want anyone, even the judges, to know what cards they held. So even when they got there court order, it wasn't a warrant, and they misled the judge who issued the order. That's a big no no.
I'm pretty sure most broadcast licenses from the require that the content to not be encrypted. Given just how much money companies are willing to pay the FCC for a slice of spectrum, the government wouldn't waste time "repossessing" their spectrum license.
To boost range the signal has to be digitized first. That's what Aero does. If you read how Aero works, it's crazy from a technical perspective to stay legal.
When you subscribe to Aero you're renting your very own antenna hooked up to your own rented (virtual) dvr. Think about how stupid that is. They have thousands of antennas hooked up to thousands of TV tuners to record the same show thousands of times. They are legally prevented from preforming file-level deduplication. (This was a key issue why they won the last court battle)
If you want your own Aero setup it's easy. Just hook a dvr up to an antenna, and connect it to a Slingbox. Be sure to take pictures and send it to all those companies that are suing Aero. We could use another laugh.
That's for everything. Every window decoration you could ever want, every button, etc... If you strip out everything that's not being used by the current program, you get something that's much smaller.
The ease of use is incredible though. I love being able to have an E-Mail with multiple labels, and see/edit all of those labels easily.
It's 2013, and most E-Mail clients still treat an E-Mail with multiple labels as multiple copies. I can't easily search, edit, or even delete my E-Mail with anything but the gmail web interface.
Interesting, though slightly different. Since the Russian Wikipedia is hosted in the US, there's not much that can be done there. If any part of your infrastructure is located in a country that has declared itself hostile to your business, then you're doing it wrong.
ISPs might be asked to block the Russian Wikipedia, but that tends to go over so well with local populations. So, if Russia enjoys riots they can go that route.
A more likely route is to let the Wikimedia foundation members and donors know they would be arrested if Russia ever gets the chance. Basically, bullying the entire organization. While they could try what France did, but tell the person to shut up, it wouldn't work for very long. Especially if you and others are watching.
It looks like some exposed services are vulnerable in a crashing two days later sort of way.
While it's nice that the problem was found, the goal isn't to dos the hospital. I would definitely let someone know about that problem. No one wants to be the guy who ignored the warning.
Actually, I would make sure everything is documented. Especially your conversation with the higher ups and lawyers.
For 99% of users it doesn't matter. Computers are the magic black boxes that either work or they don't.
While it might be fun to write a program that disables all thermal protections and stops the fans, it's quite a different challenge than a simple bitcoin miner.
I have enough trouble trying to set things using the officially provided drivers. Controlling hardware on an unknown machine... Anyone who could do that shouldn't have any trouble making quite a bit of money.
From what I understand, the trick is each miner goes through a search space. If it doesn't find anything, it requests another search space from the control server. If it does, it tells the control server about it. The control server then tells the rest of the world that it found this new bitcoin. If you shut down a machine during a search the control server eventually sees this and has another machine look through the same search space. This is basic parallel programming using a scatter-gather approach with a little bit of management on the server side.
As for the bitcoin itself. There's nothing anyone can do. There is no mechanism within the bitcoin system to declare a bitcoin to have been produced illegally. If the command and control server is shut down then the bitcoin wallet might very well be lost. In that case, the bitcoin is lost forever. See this CCC video about bitcoin loss, deflation, and why that's a bad thing. https://www.youtube.com/watch?feature=player_detailpage&v=-FaQNPCqG58#t=1137s As cool as bitcoin is, it has serious problems which will keep it from being used in day to day life. Hyped Example: http://www.newstatesman.com/economics/2013/04/bitcoin-hyperdeflation
The idea behind this malware is kind of neat though. It's not stealing log in credentials, so it doesn't need to do browser interception and then have the hacker physically dealing with banks. It doesn't preform ddos attacks or send spam, so it doesn't use any network resources except for talking to the command and control server. If it's written correctly, it should run at low priority with a small memory footprint. It might be using 100% CPU, but on a desktop machine, the user would probably never even know its there.
Slashdot Mirror
Microsoft has been threatening Linux for years. I mean, they even helped fund SCO's ridiculous lawsuits.
This isn't new behavior for them. It's a way to turn a free (in software costs) product cost money. Honestly, I'm surprised they didn't go this route when Android first came on the market. They probably didn't want to go after Google directly back then.
The largest recent change has been the massive (and illegal if you look at the trial details) winnings in the Samsung case.
If they follow through with it, and if the other browser makers follow them, then you won't have to worry about it.
A CA's business is all based on trust. As soon as they're known to be untrustworthy then they're dead. Well, for any commerce or banking site at least. I expect the governments to still use them though. Even being suspect is enough to drive business away.
What we need is browsers pushing DNSSEC. Users are trained to look for the green padlock. If you display it as say yellow for a secure sight without DNSSEC your users will start to notice. Once DNSSEC becomes mainstream you can use that for key signing as described in other posts on this topic.
Unfortunately, not. They're as bad as ever.
I've tried getting the kernel code for the Thunderbolt's ICS upgrade. The reply I received was a boilerplate response to the "When's the next update going to be" question. That was last week. So, no I do not think they're getting better. The GPL's source code requirements are a joke unless a kernel dev feels like spending money to hire a lawyer.
Honestly, if Samsung wanted to trash HTC that's how they should do it. They should contribute code to the Linux kernel, request a copy of all the different source code used on devices, then sue HTC for non-compliance. If there's one line different in any of the open source parts of a phone update, then the company needs to make a separate source tarball for each individual update (I know there are different ways, but source tarball/zip is what HTC does). If HTC is found to infringe, then by the GPL, they can't distribute the software until they're in compliance. That's what 50 million cases of copyright infringement.
Have you seen this video about Google's cars? http://www.youtube.com/watch?v=7Yd9Ij0INX0
The engineer spends some time talking about some of these things. They use Google's street view images to make detailed maps. The car knows what lanes exist, where the stop signs are, where the lanes are, what the surrounding terrain is like etc... before it even leaves the garage. If there's too big of a difference between the map and actual conditions, it switches to manual mode.
Current car AI systems aren't perfect. He even says in the video that they don't handle snow. But, a system with known limitations that preforms well in its competency zone is nothing to sneeze at.
That's good for you.
One of the big things this should allow is more people following your path to citizenship. I think one of the things Americans dislike about the H1B visa program are the number of people who don't stay, or have companies that make it difficult to obtain citizenship without having the companies boot on there necks.
Just look at the GAO report on the issue. The largest employers of H1B visa workers are staffing firms. Quite a few of which use the H1B as a job training visa. Then they can outsource the job back to India.
You forgot flouting the GPL at every turn.
Just try to get the source code for some of there products.
I like the phone design, but everything else makes sure that I will be avoiding HTC in the future.
Honestly, why do people hate on products that obviously don't meet there needs?
I understand being upset that something doesn't have what you want, but bashing the creators over and over again just gets old. If it doesn't do what you want, then just don't use it.
Wayland is designed to be much lighter than X11. It does this by offloading as much as possible onto either the kernel or the application. There are pros and cons to doing things this way. Just because you don't think it's worth it, doesn't mean you should be rude to the people who disagree. /End Rant
It's hidden behind the fourth link. http://elinux.org/Embedded_Open_Modular_Architecture/EOMA-68
It's a computer in the form factor of a PCMCIA card. The whole goal of the project is to have upgradable tablets and laptops. You just pop the old card out, and put a new one in.
It's a laudable goal, but more hardware manufacturers would need to support it. Honestly, at some point they need to come out with a high performance x86 one.
Watch some of the videos about EVE online's economy. The game designer even has an in house economist to keep track of it all.
The key is to add money sinks as well as money sources. For instance, money used to buy something from an NPC is gone. So, you can adjust the inflation within the game by both tweaking drops/rewards, and item prices.
Of course, most games just have an auction house, while EVE is an entire player based economy.
And how long have police radios relied on insecurity? That's the same question you're asking.
The protocol is very secure and error resistant. It is not, and never has been spoof resistant. All of these signals are unencrypted, and that's a good thing. I don't know about you, but I enjoy seeing where all the planes are. Or are you against open data?
Saying that you could modify the behavior of an airplane by spoofing these signals is like saying you could modify a cars behavior by spoofing GPS signals. Well duh, you can modify an instrument or two, but aircraft have a bunch of backups, the most important ones being the pilots. Actually, GPS spoofing doesn't even work against airliners. They have internal measurement units, and laser ring gyros as redundant backups. You have three fully separate systems voting on everything, including position information.
While someone could in theory spoof some messages, there are reasons why Die Hard 2 was stupid. The largest one being, that pilots have charts that they are required to keep updated, and look at before a flight. They know where they are, and they have good old fashioned paper maps of where everything else is, and it's elevation.
But, but then you couldn't be ticketed multiple times. Think of the lost revenue.
The thing is current systems will give a separate ticket for each data point. The difference is, you only have one or two data points per drive.
I think that's the automatic lane keeping feature. Something that should be mandatory in all cars.
Of course, I think all cars should come with adaptive cruise control with pedestrian detection. So make of it what you will.
https://www.youtube.com/watch?v=7Yd9Ij0INX0
Google's cars actually speed. The engineers quickly found (or knew beforehand) that obeying the traffic laws as written was a good way to either cause an accident, or never get to your destination.
Some companies do this.
I was pleasantly surprised to see a Century Link DSL modem/wifi router come preconfigured with a WPA2, and a random passwords. Both the admin password and the WPA2 password were printed on the sticker on the bottom.
If Century Link can do it, anyone should be able to.
I'm not so sure about some of that.
I watched the video: https://www.youtube.com/watch?feature=player_detailpage&v=DU8hg4FTm0g#t=1314s and didn't see anything on preventing rogue base stations for GSM. Of course, Verizon uses a CDMA network, so they may have extra precautions.
The part about using the 900MHz band didn't have anything to do with roaming. It had to do with legality. The frequency he's using is a ham radio frequency, and he's complying with FCC regs. https://www.youtube.com/watch?feature=player_detailpage&v=DU8hg4FTm0g#t=507s
Huh.
I learn something new every day.
It looks like the digital transition really helped them out.
It's a little more complicated than that.
It seems Verizon pushed an update to his specific wireless card. This update allowed it to receive phone calls, thus allowing them to "ping" him in particular. It also set the preferred tower list so that the stingray would always be connected to first.
The fun thing is that by modifying his wireless card, the FBI has "planted" a tracker on him. That requires a warrant. If this guy was such a big deal, then it shouldn't have been hard to get the warrant. The problem is the FBI didn't want anyone, even the judges, to know what cards they held. So even when they got there court order, it wasn't a warrant, and they misled the judge who issued the order. That's a big no no.
You forgot one important thing.
I'm pretty sure most broadcast licenses from the require that the content to not be encrypted.
Given just how much money companies are willing to pay the FCC for a slice of spectrum, the government wouldn't waste time "repossessing" their spectrum license.
But they can.
To boost range the signal has to be digitized first. That's what Aero does. If you read how Aero works, it's crazy from a technical perspective to stay legal.
When you subscribe to Aero you're renting your very own antenna hooked up to your own rented (virtual) dvr.
Think about how stupid that is. They have thousands of antennas hooked up to thousands of TV tuners to record the same show thousands of times.
They are legally prevented from preforming file-level deduplication. (This was a key issue why they won the last court battle)
If you want your own Aero setup it's easy. Just hook a dvr up to an antenna, and connect it to a Slingbox. Be sure to take pictures and send it to all those companies that are suing Aero. We could use another laugh.
That's for everything. Every window decoration you could ever want, every button, etc...
If you strip out everything that's not being used by the current program, you get something that's much smaller.
Folders with symlinks maybe.
The ease of use is incredible though. I love being able to have an E-Mail with multiple labels, and see/edit all of those labels easily.
It's 2013, and most E-Mail clients still treat an E-Mail with multiple labels as multiple copies. I can't easily search, edit, or even delete my E-Mail with anything but the gmail web interface.
Interesting, though slightly different.
Since the Russian Wikipedia is hosted in the US, there's not much that can be done there.
If any part of your infrastructure is located in a country that has declared itself hostile to your business, then you're doing it wrong.
ISPs might be asked to block the Russian Wikipedia, but that tends to go over so well with local populations. So, if Russia enjoys riots they can go that route.
A more likely route is to let the Wikimedia foundation members and donors know they would be arrested if Russia ever gets the chance. Basically, bullying the entire organization. While they could try what France did, but tell the person to shut up, it wouldn't work for very long. Especially if you and others are watching.
See this comment: http://ask.slashdot.org/comments.pl?sid=3622269&cid=43380739
It looks like some exposed services are vulnerable in a crashing two days later sort of way.
While it's nice that the problem was found, the goal isn't to dos the hospital. I would definitely let someone know about that problem. No one wants to be the guy who ignored the warning.
Actually, I would make sure everything is documented. Especially your conversation with the higher ups and lawyers.
For 99% of users it doesn't matter. Computers are the magic black boxes that either work or they don't.
While it might be fun to write a program that disables all thermal protections and stops the fans, it's quite a different challenge than a simple bitcoin miner.
I have enough trouble trying to set things using the officially provided drivers. Controlling hardware on an unknown machine... Anyone who could do that shouldn't have any trouble making quite a bit of money.
From what I understand, the trick is each miner goes through a search space. If it doesn't find anything, it requests another search space from the control server. If it does, it tells the control server about it. The control server then tells the rest of the world that it found this new bitcoin. If you shut down a machine during a search the control server eventually sees this and has another machine look through the same search space. This is basic parallel programming using a scatter-gather approach with a little bit of management on the server side.
As for the bitcoin itself. There's nothing anyone can do. There is no mechanism within the bitcoin system to declare a bitcoin to have been produced illegally. If the command and control server is shut down then the bitcoin wallet might very well be lost. In that case, the bitcoin is lost forever. See this CCC video about bitcoin loss, deflation, and why that's a bad thing. https://www.youtube.com/watch?feature=player_detailpage&v=-FaQNPCqG58#t=1137s As cool as bitcoin is, it has serious problems which will keep it from being used in day to day life. Hyped Example: http://www.newstatesman.com/economics/2013/04/bitcoin-hyperdeflation
The idea behind this malware is kind of neat though. It's not stealing log in credentials, so it doesn't need to do browser interception and then have the hacker physically dealing with banks. It doesn't preform ddos attacks or send spam, so it doesn't use any network resources except for talking to the command and control server. If it's written correctly, it should run at low priority with a small memory footprint. It might be using 100% CPU, but on a desktop machine, the user would probably never even know its there.