I'm on the fence about drink size... portion size is a tacit endorsement of expected "normal behavior". It's a gray area, but even so legislation seems a bit heavy handed... which may still be justifiable anyway in some cases, for lack of any better mechanism to simulate shame among the pathologically shameless.
Anyway, you're mostly on my wavelength... remember it's the fact that tobacco companies concealed information from the consumer that got them in legal trouble, and better information should be the case across more industry IMO.
That problem is not exclusive to socialized health care; it applies to any such insurance, obviously. (Just like the fictitious "death panels" would have be equally scary were they composed of corporate bean counters instead of government bureaucrats.)
Probably not as long as it takes them to seriously tackle PM2.5 air pollution and indoor air quality, which might be never. If it's a law that lets the majority of people feel superior to a smaller group of fellow citizens, it'll be pretty popular, but if it affects corporate bottom lines, it'll never see the light of day.
Actually the "First world Problem" was just an attempt at humor... some of us still have that, even in TrumpNation. I gladly contribute to many conversations on tech topics that have next to no social justice implications.
But this one just doesn't interest me for some reason... I can see the issue of licensing vs cloud compute providers but it doesn't quite pass muster as something that only a tiny handful even of the geek sub-population would even care to know about. From a business perspective, I guess people hate Oracle and like to cheer on its self-inflicted demise, but this move would be more appropriate as one detail in a list of things Oracle does to shoot itself in the foot, rather than an entire news article.
Eh, but a even stopped clock is right twice a day. Though I wouldn't expect any action around the H-2B program considering how crucial it is to his hotel and resort businesses.
You know, even avoiding mass panic for a mostly-harmless air-burst (or perhaps making nuclear weapons trigger fingers less itchy) with a heads up might be worth it, and, if we did find out with decades of warning, we'd have one hell of a fire under our ass to come up with a solution, so who knows what we might come up with.
Depending on what features you are using the attack surface can be very small on these, so even if you don't have an out-of-band management system (or no management system, if you don't need to change the config enough for running to the closet with a console cable and a laptop to be a chore) they can be pretty much hack-proof.
I personally witnessed a take out of a Novell 2.x file server which had a 16 year uptime. This was for a school system, and they had forgotten where the file server was. Stuffed in the back of a janitorial closet, and dust covered.
I'll go one better on that... I know of one that was up for a couple of decades and finally failed, and when they went looking for it, they had to break through some drywall into an odd corner of a closet where it had accidentally been sealed off by construction contractors.
Also, people showing those effects while high should forget about ANY substance that plays with serotonin levels.
I'm not going to go into details, but from personal experience I don't think that's a good rule... I'll just say effects of different drugs are, well, quite different from each other, even if they both alter serotonin levels.
The advantage of having enemies with soft IT targets is you get to practice your cyber attacks and hone your skills with little downside risk that you are exposing your capabilities.
The U.S. has (at least up to now, we'll see) had some level of ethics preventing them from instigating territorial aggressions or just callously using small countries as target practice, and unlike traditional military where you can make a show of strength just by holding a parade, in cyber you'd be a fool to show off for fear of allowing adversaries to see your weapons and build defenses for them.
All physical and RF ports, actually, not just USB, plus all unnecessary services not needed on the OOB management network you may or may not be lucky enough to have instead of VPNing over the internet. And you have to keep them locked down as you upgrade tens to hundreds of different operating systems across multiple vendors across multiple device hardware models. Which means thoroughly testing that the vendor didn't accidentally break the option setting that turns them off... if you were lucky enough to have it in the first place.
People who are not in IT, or are in IT but have a nice monolithic setup where you have 2-3 server OSes, one monolithic datacenter top-of-rack OS/switch, and maybe an intellegent power strip and UPS in the mix and maybe a SAN or load balancer, have no idea what a challenge this actually is to accomplish in a large heterogeneous network that does a lot more than serve webpages, engage in HFT, or mine bitcoins.
3) is sometimes an option... license keys or hardware inventory can get in the way here. It's also pretty labor intensive. 4) generally isn't as there are not enterprise-grade open-source alternatives (and often custom hardware, many times already running a custom linux.)
Manning will definitely lose her right to own a gun and voting rights.
...the latter depends on the state she decides to reside in. Not all states prohibit it. Really, none should, it's a knee-jerk idiot policy, except in the case where a large jail population would run a local town government. But nationally or statewide, if your country has so many felons you have to take away their right to vote for fear of that sort of thing, your country has bigger problems.
The point being, that dump is not human readable, and almost nobody at the company can really tell you "it has no keys in it" because they don't know, nevermind how to redact the keys. Basically you are left with two options: redact every bit of binary data that could possibly contain a key, possibly breaking the dump in a way that prevent TAC/engineering from using it (say, if they have a visualization tool that needs to load it, or they want to replicate by loading it onto test equipment.) Or, second option, fight with TAC over whether they need the data, drag your manager into the fight to insist that they fix the problem without the dump, and overall spend 20 times more hours on the problem than you would have otherwise.
Guess which one most IT staff choose. Now, since almost nobody puts their foot down on this, think how easy it is for PHB at the vendor to say "well apparently all our customers trust us, so let's just automate the data collection so we always have it on file, automatically."
It's all the same progressive disease riding in on devops coattails.
The problem is endemic far and beyond Microsoft. While the data on your PC is something people take personally, other companies performing tech support for products less often encountered by end-users are playing it fast and loose with their customer's data in the name of support.
In the networking space, if you call in any request to fix or enhance a product, the front line TAC these days has been told to have you collect a pretty thorough dump of the device configuration database. These databases are not necessarily in any sort of human readable form, but those who know what to look for can easily see that they often include private crypto keys, password hashes or sometimes even cleartext passwords, and more detail about the internal layout of the most sensitive parts of the customer's network than would be needed to solve a technical problem.
This is plausibly just because these companies have not had enough customers complain, and assigned development the task of omitting potentially sensitive data from these "tech dumps"; But it doesn't take horribly much tinfoil to imagine there could be compromised policy-setters at these companies who stand ready to step on any attempt to rectify this situation.
Finally, to top it off there is a trend to either transfer these files over email since huge attachments are no longer a problem on modern email systems, or to outsource file uploads to dropbox-ish cloud service providers.
So, it would not surprise me if there were quite a few spooks... foreign, domestic, and industrial... working at support departments in major corporations, though the more resourced agencies may not even need to do even that given the lack of hygiene exercised in transferring these files to and around the corporate TAC.
If it gets refused a floor vote is the thing to watch. This is one issue that does tend to peel some R's off from the pack and has enjoyed support from a bipartisan minority.
Slashdot Mirror
I'm on the fence about drink size... portion size is a tacit endorsement of expected "normal behavior". It's a gray area, but even so legislation seems a bit heavy handed... which may still be justifiable anyway in some cases, for lack of any better mechanism to simulate shame among the pathologically shameless.
Anyway, you're mostly on my wavelength... remember it's the fact that tobacco companies concealed information from the consumer that got them in legal trouble, and better information should be the case across more industry IMO.
That problem is not exclusive to socialized health care; it applies to any such insurance, obviously. (Just like the fictitious "death panels" would have be equally scary were they composed of corporate bean counters instead of government bureaucrats.)
Probably not as long as it takes them to seriously tackle PM2.5 air pollution and indoor air quality, which might be never. If it's a law that lets the majority of people feel superior to a smaller group of fellow citizens, it'll be pretty popular, but if it affects corporate bottom lines, it'll never see the light of day.
Actually the "First world Problem" was just an attempt at humor... some of us still have that, even in TrumpNation. I gladly contribute to many conversations on tech topics that have next to no social justice implications.
But this one just doesn't interest me for some reason... I can see the issue of licensing vs cloud compute providers but it doesn't quite pass muster as something that only a tiny handful even of the geek sub-population would even care to know about. From a business perspective, I guess people hate Oracle and like to cheer on its self-inflicted demise, but this move would be more appropriate as one detail in a list of things Oracle does to shoot itself in the foot, rather than an entire news article.
Well, as long as they don't screw it up, either accidentally or on-purpose. I'd wonder what "loopholes" are being referred to.
Eh, but a even stopped clock is right twice a day. Though I wouldn't expect any action around the H-2B program considering how crucial it is to his hotel and resort businesses.
You know, even avoiding mass panic for a mostly-harmless air-burst (or perhaps making nuclear weapons trigger fingers less itchy) with a heads up might be worth it, and, if we did find out with decades of warning, we'd have one hell of a fire under our ass to come up with a solution, so who knows what we might come up with.
Bring a flashlight. And rope. And beware of the leopard.
Out of morbid curiosity, what qualifies as "supported"?
There is no way to make a 100% secure networked operating system
Got a mathematical proof for that statement? Because that's what's requited for such a claim.
Depending on what features you are using the attack surface can be very small on these, so even if you don't have an out-of-band management system (or no management system, if you don't need to change the config enough for running to the closet with a console cable and a laptop to be a chore) they can be pretty much hack-proof.
I personally witnessed a take out of a Novell 2.x file server which had a 16 year uptime. This was for a school system, and they had forgotten where the file server was. Stuffed in the back of a janitorial closet, and dust covered.
I'll go one better on that... I know of one that was up for a couple of decades and finally failed, and when they went looking for it, they had to break through some drywall into an odd corner of a closet where it had accidentally been sealed off by construction contractors.
I'd have chosen Voice of America as the foil there, given how Trump just turned it over to some breitbartish characters.
Also, people showing those effects while high should forget about ANY substance that plays with serotonin levels.
I'm not going to go into details, but from personal experience I don't think that's a good rule... I'll just say effects of different drugs are, well, quite different from each other, even if they both alter serotonin levels.
Emergency meeting to discuss that someone should register the "moz" URI scheme with IANA immediately!
The advantage of having enemies with soft IT targets is you get to practice your cyber attacks and hone your skills with little downside risk that you are exposing your capabilities.
The U.S. has (at least up to now, we'll see) had some level of ethics preventing them from instigating territorial aggressions or just callously using small countries as target practice, and unlike traditional military where you can make a show of strength just by holding a parade, in cyber you'd be a fool to show off for fear of allowing adversaries to see your weapons and build defenses for them.
All physical and RF ports, actually, not just USB, plus all unnecessary services not needed on the OOB management network you may or may not be lucky enough to have instead of VPNing over the internet. And you have to keep them locked down as you upgrade tens to hundreds of different operating systems across multiple vendors across multiple device hardware models. Which means thoroughly testing that the vendor didn't accidentally break the option setting that turns them off... if you were lucky enough to have it in the first place.
People who are not in IT, or are in IT but have a nice monolithic setup where you have 2-3 server OSes, one monolithic datacenter top-of-rack OS/switch, and maybe an intellegent power strip and UPS in the mix and maybe a SAN or load balancer, have no idea what a challenge this actually is to accomplish in a large heterogeneous network that does a lot more than serve webpages, engage in HFT, or mine bitcoins.
3) is sometimes an option... license keys or hardware inventory can get in the way here. It's also pretty labor intensive.
4) generally isn't as there are not enterprise-grade open-source alternatives (and often custom hardware, many
times already running a custom linux.)
Manning will definitely lose her right to own a gun and voting rights.
...the latter depends on the state she decides to reside in. Not all states prohibit it. Really, none should, it's a knee-jerk idiot policy, except in the case where a large jail population would run a local town government. But nationally or statewide, if your country has so many felons you have to take away their right to vote for fear of that sort of thing, your country has bigger problems.
The point being, that dump is not human readable, and almost nobody at the company can really tell you "it has no keys in it" because they don't know, nevermind how to redact the keys. Basically you are left with two options: redact every bit of binary data that could possibly contain a key, possibly breaking the dump in a way that prevent TAC/engineering from using it (say, if they have a visualization tool that needs to load it, or they want to replicate by loading it onto test equipment.) Or, second option, fight with TAC over whether they need the data, drag your manager into the fight to insist that they fix the problem without the dump, and overall spend 20 times more hours on the problem than you would have otherwise.
Guess which one most IT staff choose. Now, since almost nobody puts their foot down on this, think how easy it is for PHB at the vendor to say "well apparently all our customers trust us, so let's just automate the data collection so we always have it on file, automatically."
It's all the same progressive disease riding in on devops coattails.
A difference of degree only, with the trend going in the wrong direction in both cases. Neither is acceptable.
The problem is endemic far and beyond Microsoft. While the data on your PC is something people take personally, other companies performing tech support for products less often encountered by end-users are playing it fast and loose with their customer's data in the name of support.
In the networking space, if you call in any request to fix or enhance a product, the front line TAC these days has been told to have you collect a pretty thorough dump of the device configuration database. These databases are not necessarily in any sort of human readable form, but those who know what to look for can easily see that they often include private crypto keys, password hashes or sometimes even cleartext passwords, and more detail about the internal layout of the most sensitive parts of the customer's network than would be needed to solve a technical problem.
This is plausibly just because these companies have not had enough customers complain, and assigned development the task of omitting potentially sensitive data from these "tech dumps"; But it doesn't take horribly much tinfoil to imagine there could be compromised policy-setters at these companies who stand ready to step on any attempt to rectify this situation.
Finally, to top it off there is a trend to either transfer these files over email since huge attachments are no longer a problem on modern email systems, or to outsource file uploads to dropbox-ish cloud service providers.
So, it would not surprise me if there were quite a few spooks... foreign, domestic, and industrial... working at support departments in major corporations, though the more resourced agencies may not even need to do even that given the lack of hygiene exercised in transferring these files to and around the corporate TAC.
If it gets refused a floor vote is the thing to watch. This is one issue that does tend to peel some R's off from the pack and has enjoyed support from a bipartisan minority.