You'd think someone in product development would have been smart enough to say "hey, we should only store post-processed voiceprint data not raw speech so we don't have to deal with legal bullshit."
It really doesn't matter for the most important use case, because X.509 does not have a way to use more than one hash in a certificate.
And there's a patent for that (US7793097, US20080270788), so unless the owners decide to be benevolent, there's a roadblock to actually implementing it.
implying increased general physical activity might be harmful flys in the face of logic
It flies in the face of American puritan mores, for sure, but not in the face of logic.
Given some of the recent research questioning whether the point of diminishing returns for general physical activity is lower than generally thought, and pointing out that not all types of physical activity is actually beneficial (housework apparently doesn't help much at all), and the known negative effects of a life of "hard work" it is reasonable to staunch your knee-jerk prejudices and look at evidence rationally... though we have precious little evidence compared to the amount that is assessable.
There's no question that there is substantial evidence that some people can benefit from more exercise. Most people just assume that means everyone can. Fitbit gadgeteers are only being marginally more responsible than idiots who make fatty jokes on social media... at least there is (I hope) fine print somewhere in the product literature saying to consult your doctor before forcing large changes in your physical activity levels.
A lot of people don't have any individual to call "my doctor" and an app may ask you to do unusual things or things that push you past limits that you are unaware of.
Answering questions like that is why we need scientific study. The answer could quite well vary greatly depending on the individual.
Also answering whether having an app tell you to get off your ass actually does get you off your ass will vary greatly. Personally I'm so contrarian I go out for a cigarette every time I see an anti-smoking TV ads. Except for the tiny guy in the wife-beater. That one's actually funny and somewhat true.
No app is going to force me to do something I'm not capable of just because it says on the screen that I should.
If your liver is not working right, and an app advises you to eat certain amounts of certain foods, you won't know you were not capable of eating those foods until your doctor is telling you you have only 4 days to live unless you luck into a liver transplant.
You're right though, the claim "I'm sure they are doing harm" would require some evidence.
Of course there's no science behind 95% (guess) of apps that really need science behind them. Science does not fit well into a devops release schedule.
I don't know whether to view this as the inevitable creep of snake oil into every market orifice, or tech giving snake oil a shot in the arm by virtue of people thinking "well, it took smart tech people to make this sniny modern 'app' so it must have the blessing of smart people."
I couldn't find a public "check my phone" link, or I'd've tried it.
I believe that would be because your phone is not enrolled in an MDM manager.
From the article: "Stethoscope is a web application that collects information for a given user's devices"
This implies it is a web app that, by itself, checks your device and maybe even enumerates/discovers your devices. That would make it a scary security hole rather than a security tool since web apps really should not be able to access any state of health information on a device (though some is quite leakable these days.)
Fortunately it appears not to be. It seems to be just a way to put a pretty front-end on devices that are using other installable agents to assess their security. It goes to the backend databases of those agents, assuming you have an account on them which is available through an SSO system or other authenticator, and pulls information they have previously collected. Unless you have those backend egents installed and a database set up for them to report to, this tool isn't for you. Basically it's for the enterprise.
Kudos to them for releasing their internal tools to github, though, I'm sure they will get some valuable additions from the community.
I only said going half-assed is futile, not that it is futile in general. You have to go full tinfoil if you want a technical fix, and that there are non-technical fixes which could disincentivise the behavior.
Unless that official is Kellyanne Conway, in which case, she provides information which sounds correct and then Trump says, "no really we're going the batshit crazy route on this one, ignore her."
At some point the technical battle against meta-surveillance must simply be declared lost unless you want to go full Tor, dress up in an airtight jumpsuit, and learn how to navigate the sewer systems.
It can only be fought on a legal and economic front... also it's really the integrity, ethics, motivations, and cultural longevity of the institutions doing it that matter more than the act itself. On the bright side, maybe once the consequences of individualized attention by self-interested corporations and governments both foreign and domestic starts to sting the general public a bit more, that will increase the market/political value of integrity and ethics, above what seems to right now be pretty much nil.
The answer to TFAs dilemna is "neither is responsible." Security is the responsibility of your designated cybersecurity officer. If you don't have one, you are doing it wrong. You need someone who can focus solely on security tech and policies. IT should be security-tech-aware as far as they can without losing focus on actual IT equipment, and C-suite should be security-policy-aware without micromanaging security (and a bit of big picture over both of those sides doesn't hurt.) You don't want IT guys spending their time learning to chase geese in the firewall logs when they have other tech topics that need their brainshare, and you don't want PHB spending all his time in meetings about properly running an in-house CA when they should be tending to whatever it is PHBs do these days.
Heck my IT operation is tiny and the first actual tech we hired when we got the rare opportunity to hire a tech was a security officer.
Clearly it isn't sufficient to just defend yourself if you want peace.
In a multi-lateral situation you need to form a community that represents a plurality if not a majority of military power system-wide that agrees to act responsibly and be open enough that other nations can be pretty sure they aren't just appearing to act responsibly.
Once you have that you shun the worst offenders among those not in the community to deprive but not destroy them, offering them paths back into favor if they start behaving like adults. Some (like North Korea) will take a while to get over their tantrum and realize sitting at the kids table isn't as much fun as it used to be, others will start reforming themselves earlier.
Then once this all appears to be more or less working or at least maybe possible to get working, you get people angry that they don't have an in-ground pool and that they get called assholes for refusing to frost wedding cakes for gay people to elect an erratic know-nothing to direct one of the leading voices in the community to ignore the fact that one of the kids just wiped snot on the silverware. Wait no, skip that step, it must be a typo, nobody would want that.
Anyway, as much as I detest the business culture MS stands for, I think they are right... responsible nations need to establish what acceptable behavior is, and then start to apply some peer pressure.
We're lucky to get 5 years out of a Pb battery pack in our network rack UPSs. Given how they are situated, it'd save us a good deal of labor to have a longer operating lifetime... and these batteries are only deep cycled a few times a year during power outages. That major UPS vendors haven't floated models with longer time between maintenance, regardless of the chemistry used, makes me reach for my tinfoil hat.
If it's a flow battery, no. These use two electrolytes and an exchange membrane, there's no reaction between the liquid and solid parts, just a diversion of electrons stripped off hydrogen as they try to find their way to a proton, which has crossed the membrane. The chemicals are there to provide the redox potential that frees the protons from water so they can migrate.
Flow batteries probably will never compete for mass energy density with other types of cells. Their main attraction is in storing large amounts of energy relative to the amount of power you need to put in or out of it. They are for long-term (days or weeks is "long-term" for power-grid purposes) storage, and in their "true" form you can upgrade the total energy storage capacity by expanding the amount of electrolyte... you don't need to touch the stack at all, just bolt on bigger liquid tanks and fill them.
I wonder whether having political venting articles cuts down on the amount of injection of politics into other threads... I mean... not that that does not happen a lot, but what if it happened even more.
Also, why is it the complaints about political threads are much more common when the political thread is unfavorable to the right? Can the right just not take bad press without their snowflakes being crushed?
Thanks, I must have misremembered and/or assumed differently at the time. I do remember being rather frustrated trying to build a single "all media reader" system crammed with every type of drive, before networking became common fair on home computers.
$ ping 010.010.010.010 PING 010.010.010.010 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=20.7 ms
I actually solved a problem in modern times that was vexing our desktop support folks and LANDesk tech support for a solid week after taking a packet dump, seeing a WoL packet was going to the wrong network, and eventually remembering this arcane knowledge... "Oh I bet I know what's happening!"
Yeah, not having ever dealt with modems is probably why browser developers scrapped resumable FTP/HTTP downloading capabilities. Which can still be useful in certain situations. We throw away these tools when they no longer seem needed, and then make horrendous hack jobs to work around the corner cases they still filled.
I wonder how many younguns even know of the existence of the split command.
Slashdot Mirror
I feel like almost all reporting is negative nowadays.
Yeah, it's totally negative. The worst. Really awful. How can people be so horribly negative. Sad!
You'd think someone in product development would have been smart enough to say "hey, we should only store post-processed voiceprint data not raw speech so we don't have to deal with legal bullshit."
It really doesn't matter for the most important use case, because X.509 does not have a way to use more than one hash in a certificate.
And there's a patent for that (US7793097, US20080270788), so unless the owners decide to be benevolent, there's a roadblock to actually implementing it.
Tell that to the 100 to 200 people who die from accidental acetaminophin overdose each year in the U.S.
implying increased general physical activity might be harmful flys in the face of logic
It flies in the face of American puritan mores, for sure, but not in the face of logic.
Given some of the recent research questioning whether the point of diminishing returns for general physical activity is lower than generally thought, and pointing out that not all types of physical activity is actually beneficial (housework apparently doesn't help much at all), and the known negative effects of a life of "hard work" it is reasonable to staunch your knee-jerk prejudices and look at evidence rationally... though we have precious little evidence compared to the amount that is assessable.
There's no question that there is substantial evidence that some people can benefit from more exercise. Most people just assume that means everyone can. Fitbit gadgeteers are only being marginally more responsible than idiots who make fatty jokes on social media... at least there is (I hope) fine print somewhere in the product literature saying to consult your doctor before forcing large changes in your physical activity levels.
A lot of people don't have any individual to call "my doctor" and an app may ask you to do unusual things or things that push you past limits that you are unaware of.
isn't that likely to be a net health positive?
Answering questions like that is why we need scientific study. The answer could quite well vary greatly depending on the individual.
Also answering whether having an app tell you to get off your ass actually does get you off your ass will vary greatly. Personally I'm so contrarian I go out for a cigarette every time I see an anti-smoking TV ads. Except for the tiny guy in the wife-beater. That one's actually funny and somewhat true.
No app is going to force me to do something I'm not capable of just because it says on the screen that I should.
If your liver is not working right, and an app advises you to eat certain amounts of certain foods, you won't know you were not capable of eating those foods until your doctor is telling you you have only 4 days to live unless you luck into a liver transplant.
You're right though, the claim "I'm sure they are doing harm" would require some evidence.
Of course there's no science behind 95% (guess) of apps that really need science behind them. Science does not fit well into a devops release schedule.
I don't know whether to view this as the inevitable creep of snake oil into every market orifice, or tech giving snake oil a shot in the arm by virtue of people thinking "well, it took smart tech people to make this sniny modern 'app' so it must have the blessing of smart people."
I couldn't find a public "check my phone" link, or I'd've tried it.
I believe that would be because your phone is not enrolled in an MDM manager.
From the article: "Stethoscope is a web application that collects information for a given user's devices"
This implies it is a web app that, by itself, checks your device and maybe even enumerates/discovers
your devices. That would make it a scary security hole rather than a security tool since web apps really
should not be able to access any state of health information on a device (though some is quite leakable these days.)
Fortunately it appears not to be. It seems to be just a way to put a pretty front-end on devices that are using other
installable agents to assess their security. It goes to the backend databases of those agents, assuming you have an
account on them which is available through an SSO system or other authenticator, and pulls information
they have previously collected. Unless you have those backend egents installed and a database set up
for them to report to, this tool isn't for you. Basically it's for the enterprise.
Kudos to them for releasing their internal tools to github, though, I'm sure they will get some valuable
additions from the community.
The six-continent combined-Eurasia model is mostly used in Russia, Eastern Europe, and Japan.
(joke) Obviously this is Russian propaganda (/joke)
By the way, there are five senses:
1) Sight 2) Hearing 3) Smell 4) Taste 5) Touch 6) Balance 7) Proprioception .... and so on.
I only said going half-assed is futile, not that it is futile in general. You have to go full tinfoil if you want a technical fix, and that there are non-technical fixes which could disincentivise the behavior.
Unless that official is Kellyanne Conway, in which case, she provides information which sounds correct and then Trump says, "no really we're going the batshit crazy route on this one, ignore her."
At some point the technical battle against meta-surveillance must simply be declared lost unless you want to go full Tor, dress up in an airtight jumpsuit, and learn how to navigate the sewer systems.
It can only be fought on a legal and economic front... also it's really the integrity, ethics, motivations, and cultural longevity of the institutions doing it that matter more than the act itself. On the bright side, maybe once the consequences of individualized attention by self-interested corporations and governments both foreign and domestic starts to sting the general public a bit more, that will increase the market/political value of integrity and ethics, above what seems to right now be pretty much nil.
The answer to TFAs dilemna is "neither is responsible." Security is the responsibility of your designated cybersecurity officer. If you don't have one, you are doing it wrong. You need someone who can focus solely on security tech and policies. IT should be security-tech-aware as far as they can without losing focus on actual IT equipment, and C-suite should be security-policy-aware without micromanaging security (and a bit of big picture over both of those sides doesn't hurt.)
You don't want IT guys spending their time learning to chase geese in the firewall logs when they have other tech topics that need their brainshare, and you don't want PHB spending all his time in meetings about properly running an in-house CA when they should be tending to whatever it is PHBs do these days.
Heck my IT operation is tiny and the first actual tech we hired when we got the rare opportunity to hire a tech was a security officer.
Clearly it isn't sufficient to just defend yourself if you want peace.
In a multi-lateral situation you need to form a community that represents a plurality if not a majority of military power system-wide that agrees to act responsibly and be open enough that other nations can be pretty sure they aren't just appearing to act responsibly.
Once you have that you shun the worst offenders among those not in the community to deprive but not destroy them, offering them paths back into favor if they start behaving like adults. Some (like North Korea) will take a while to get over their tantrum and realize sitting at the kids table isn't as much fun as it used to be, others will start reforming themselves earlier.
Then once this all appears to be more or less working or at least maybe possible to get working, you get people angry that they don't have an in-ground pool and that they get called assholes for refusing to frost wedding cakes for gay people to elect an erratic know-nothing to direct one of the leading voices in the community to ignore the fact that one of the kids just wiped snot on the silverware. Wait no, skip that step, it must be a typo, nobody would want that.
Anyway, as much as I detest the business culture MS stands for, I think they are right... responsible nations need to establish what acceptable behavior is, and then start to apply some peer pressure.
Really what they need to do is make it look as much as possible like a TV remote, because ass-dials just aren't funny enough anymore.
We're lucky to get 5 years out of a Pb battery pack in our network rack UPSs. Given how they are situated, it'd save us a good deal of labor to have a longer operating lifetime... and these batteries are only deep cycled a few times a year during power outages. That major UPS vendors haven't floated models with longer time between maintenance, regardless of the chemistry used, makes me reach for my tinfoil hat.
If it's a flow battery, no. These use two electrolytes and an exchange membrane, there's no reaction between the liquid and solid parts, just a diversion of electrons stripped off hydrogen as they try to find their way to a proton, which has crossed the membrane. The chemicals are there to provide the redox potential that frees the protons from water so they can migrate.
Flow batteries probably will never compete for mass energy density with other types of cells. Their main attraction is in storing large amounts of energy relative to the amount of power you need to put in or out of it. They are for long-term (days or weeks is "long-term" for power-grid purposes) storage, and in their "true" form you can upgrade the total energy storage capacity by expanding the amount of electrolyte... you don't need to touch the stack at all, just bolt on bigger liquid tanks and fill them.
I wonder whether having political venting articles cuts down on the amount of injection of politics into other threads... I mean... not that that does not happen a lot, but what if it happened even more.
Also, why is it the complaints about political threads are much more common when the political thread is unfavorable to the right? Can the right just not take bad press without their snowflakes being crushed?
Thanks, I must have misremembered and/or assumed differently at the time. I do remember being rather frustrated trying to build a single "all media reader" system crammed with every type of drive, before networking became common fair on home computers.
$ ping 010.010.010.010
PING 010.010.010.010 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=20.7 ms
I actually solved a problem in modern times that was vexing our desktop support folks and LANDesk tech support for a solid week after taking a packet dump, seeing a WoL packet was going to the wrong network, and eventually remembering this arcane knowledge... "Oh I bet I know what's happening!"
Geez, what's going on at all those "hackathons" then?
Yeah, not having ever dealt with modems is probably why browser developers scrapped resumable FTP/HTTP downloading capabilities. Which can still be useful in certain situations. We throw away these tools when they no longer seem needed, and then make horrendous hack jobs to work around the corner cases they still filled.
I wonder how many younguns even know of the existence of the split command.
Ahh yes the good old days of XOR-based linked lists.