First off, they paid for Harrison Ford, so they had to let him talk too much. In the book, Col. Graff doesn't say much. Also, Graff with his little aluminum thingie on his hand pulling in the kids in the battle room ("Use the force, Ford!") doesn't fit with the rest of the movie. Nowhere else do they have gravity control or tractor beams. Or magic.
We don't see much of Ender's development as a tactician. Ender is presented more as the Chosen One than the one who claws his way up to be the best. There's a flavor of M. Night Shyamalan ("The Last Airbender" and other overproduced turkeys) here.
As is typical of space battle scenes in movies today, the CG effects are great and the tactics are wrong. Battles are in way too tight a space, and everything is turning too tight and going too slowly. It's the George Lucas WWII biplane school of space battle. Big tactical idea: line up all the little ships as armor around the big unarmored ones. That dates back to the Roman legions, and went out when machine guns were developed.
This is the T-38 trainer. It's not a combat aircraft. The T-38 is fast and modern looking, but the first flight was in 1961. Back then, one in five fighter pilots died in accidents, without any help from the enemy. In the 1950s and 1960s, fighter pilots were viewed as expendable. It's not a career choice for the timid.
The T-38 has killed many pilots. Good ones. Four astronauts, four of the USAF Thunderbirds. Yet fighter jocks like to fly it. It's not as bad as it used to be - the original engines were unreliable.
The ejection seat has saved many T-38 pilots. The T-38 ejection seat blasts through the canopy to get the pilot out. There's a big spike on top of the seat to punch through the canopy.Here's the 1990 redesign for a canopy that will resist bird strikes. "The seat mounted cutting blade is virtually ineffective in cutting through materials which comply with Bird collision resistance." So toughening up the canopy meant a new ejection system. Fighter planes, which have tougher canopies (they're expected to be shot at) have such systems, which usually involve explosives shattering or releasing the canopy. The T-38 is just a trainer - no armor.
The T-38 later got an ejection seat upgrade with zero-zero capability (you can eject while parked on the ground, which is useful if you have a fire during engine start or a bad landing), and that seems to have a new canopy disposal system. They had to give up the tiny bit of luggage storage the T-38 had. One of the original Mercury astronauts (they were issued T-38s as personal transportation) was able to find a case that would just fit the T-38's space under the seat. But for a few weeks, he wouldn't tell the other astronauts where he got it.
Twitter prohibits spam filters. You're not allowed to write a Twitter client with a spam filter. If you do, Twitter will invalidate your OAuth code. So people actually see Twitter spam. That makes Twitter a spam magnet.
Of course they have huge numbers of fake users. Want to create some fake Twitter accounts? Just get Twitter Account Creator Bot: "... automatically creates thousands of accounts per day without any human intervention... " Now only $225. Also available: Twitter Follower Bot ("can follow thousands of profiles using keywords"), "Twitter IDs Grabber Bot", and "Twitter Tweets Replier Bot".
If you don't want to do it yourself, you can just buy Twitter accounts in bulk. 20,000 Twitter accounts for $400. That seems to be the going rate; BuyAccs.com also quotes $400 for 20,000 accounts (with avatar!).
Google+ and Facebook accounts cost about 5x as much from the same suppliers. When you see low, low pricing for bulk social network accounts, you can be sure the service isn't trying very hard to stop spammers.
There's no problem finding social network spamming services. They advertise openly. Just search Google for "bulk twitter accounts". You don't have to go on Black Hat World, build up a reputation, and get into the closed forums. You don't have to get "bulletproof servers" in some third world country. The social spammers aren't hiding.
(Ad: we could stop this by using SiteTruth to find spam links in tweets. I prototyped a Twitter client with spam filtering and tested it. But Twitter doesn't allow that. "Sponsored tweets" have to get through, you know.)
As one of the better retail consultants points out to retailers, you have a customer there all ready to give you their money and you're making them wait. That's a terrible mistake for a retailer. It means some people will go elsewhere next time. Some will even abandon their cart and walk out. Most retailers fail to get this.
One that does is The Gap. Notice that at a Gap store, there is no checkout clutter. There are no checkout-area displays. No impulse-buy items. There's a lot of empty counter space at checkout, and usually more than one check-out clerk. This encourages customers to bring multiple items to checkout, and discourages walk-outs because there's a line. Gap is very profitable despite a rather dull product line in a mature industry.
(This is also true on-line, which is why Amazon's "one click" checkout was so valuable an idea.)
So they're going to build a ARM-based desktop computer. Sort of like a netbook in worse packaging. Why?
If you want a basic 9 inch ARM tablet, buy one. They're really cheap. You can get one on Amazon for about $72. Dump Android and load up Linux if you like.
Google has other approaches to hiring. At one time, if you searched for topics associated with mathematical proof of correctness, you got a Google employment ad. I've been contacted by Google recruiting because of things I posted on Usenet comp.lang.c++ about how to improve the language. They do pay attention to who's doing what in computer science.
The striking thing about Google is that they've never developed a second profitable product. Revenue is still over 95% from ads, with 2/3 coming from search ads, and 1/3 from DoubleClick ("AdSense") ads. Google+, Android and Google Docs don't generate significant revenue. They're defensive measures against Facebook, Apple and Microsoft, respectively. All that brainpower, and no new profitable products in a decade.
"The best minds of my generation are thinking about how to make people click ads. That sucks." - Jeff Hammerbacher, Facebook research scientist
Why build a demo space out of shipping containers? The dimensions are awful.
The floating data center isn't a great idea, either. You have all the headaches of salt water corrosion. It's hard to get bulk power and data offshore. It's not cheaper than building on low-value land. The only justifications would be political. It might be useful if you had to bring up a big data center in a primitive area with little infrastructure.
Typical open source bug handling - reported in May 2013, somebody whines that that the test case for the bug is too big, someone else provides more details, bug is marked as confirmed, somebody tries it on OS-X, where it works, someone else demonstrates the failure with a small test case, posts screenshots, and shows that the PDF works on Linux Firefox but not Windows Firefox. After six months, zero progress on fixing it.
There's been a huge change in the Bitcoin world recently. There are now exchanges in China where you can buy Bitcoins for yuan very easily. This is a big deal, because exchanging yuan for other currencies is tightly restricted by the Peoples Bank of China via the State Administration of Exchange Control. Bitcoin provides a way around those restrictions.
This has caused a huge run-up in the price of Bitcoins. That could change at any moment if the People's Bank of China issues "guidance" on Bitcoin. There are comments from Bitcoin users in China that the acceptance of Bitcoins by a small subunit of Baidu was incorrectly interpreted as a signal from the government of China that buying Bitcoins was now OK.
"The mountains are high and the Emperor is far away."
In the paper era, the Early Bird had a little printing plant. By the end, it was down to 3 people and a Cold Fusion template.
It was never for DoD PR. It was more about pulling rather obscure stories, often about DoD procurement or administration, into a brief summary for DoD managers. Something like "Gen. Smith takes command of USARPAC" barely rates notice in the civilian press, but it's a big deal in the Army.
Today, you usually know who's calling before you answer. It may be appropriate to take a call if it's more important than the meeting. If you're in sales, a call from a major customer is probably more important than a meeting. If you're responsible for something operational, a call from someone reporting trouble is probably more important than the meeting.
As for reading texts, if you're in a meeting and the current meeting activity doesn't involve you, it's an effective use of your time. This is more of a large-meeting thing. Large meetings are generally nonproductive anyway.
Here are some existing over-the-power-line transmission systems usable for home control:
X10 Pro signals over the power line since 1978, and still works, despite having annoyed millions with their ads in the 1990s.
LonWorks - originally intended for home automation, but was too expensive in its early days. So it became a standard for commercial building automation. So robust electrically that it's used on subway trains to control auxiliary equipment (signs, lights, HVAC, etc.)
HomePlug - also known as IEEE 1901. Mostly used to pipe Ethernet packets around house-sized buildings. More bandwidth than needed for lighting and such, but there are HomePlug thermostats.
We don't need another one. Especially since the original article's link to the protocol definition is a dead link. And because making home automation run a web server with "node.js" is terrible from a security perspective. And because it's WiFi based, which means it won't go through some walls it needs to go through, and will go through some walls it shouldn't. With the power line systems you can put a low-pass filter after your meter and keep out external signals.
I read the original article, but I don't see any part where someone recorded what was going out the speaker and looked at it. If someone is sending data over audio, it will show on a scope. Clearly that's not going to do much unless the receiving side has some kind of modem code listening for it.
Then there are claims like "It seemed to send TLS encrypted commands in the HostOptions field of DHCP packets." Attacking via DHCP packets is plausible; DHCP clients get told a lot of things they're supposed to do, and some of the older vendor-specific extensions are very insecure. But TLS? TLS isn't used within the DHCP protocol itself. There's a way to store DHCP configuration info in an LDAP server and have a DHCP server access it via LDAP.
If someone is seeing strange DHCP packets, and reloading the BIOS won't help, it's possible that what's going on involves an attack via the network controller. The fancier network controller parts now have CPUs and EEPROM. This may be an attack which puts code in the network controller which in turn patches the BIOS.
The people studying this need to list exactly what network ICs the machines involved are using. Some network devices are too dumb to be used as an attack vector, but some have whole protocol stacks, WiFi support, remote administration support, etc. It would not be surprising if those were attackable.
If the machine has wireless networking hardware and the attack exploits the network controller, it may be able to do wireless networking even if the user thinks they have the hardware disabled. Time to open up the machine, clip onto the JTAG port on the network controller, and read out the device memory with a JTAG debugger. Compare the dumps with other machines.
Thunderbird as a client, IMAP server on a hosting account with spam filtering. No problems, no ads, no worrying about what will Google/Yahoo/Microsoft screw up next.
The problem is C's promotion rules. In C, when promoting integers to the next size up, typically to the minimum of "int", the rule is to use signed integers if the source type fits, even if the source type is unsigned.
I know. C's handling of integer overflow is "undefined". In Pascal, integer overflow was a detected error. DEC VAX computers could be set to raise a hardware exception on integer overflow, and about thirty years ago, I rebuilt the UNIX command line tools with that checking enabled. Most of them broke.
In the first release of 4.3BSD, TCP would fail to work with non-BSD systems during alternate 4-hour periods. The sequence number arithmetic had been botched due to incorrect casts involving signed and unsigned integers. I found that bug. It wasn't fun.
C's casual attitude towards integer overflow is why today's machines don't have the hardware to interrupt on it. Ada and Java do overflow checks, but the predominance of C sloppyness influenced hardware design too much.
I once wrote a paper, "Type Integer Considered Harmful" on this topic. One of my points was that unsigned arithmetic should not "wrap around" by default. If you want modular arithmetic, you should write something like n = (n +1) % 65536;. The compiler can optimize that into machine instructions that exploit word lengths when the hardware allows, and you'll get the same result on all platforms.
Going "private", right. The money supposedly comes from Silver Lake Venture Partners. But they don't have $24 billion. Most of it is borrowed. From banks. Which borrow it from the Fed at very low rates. Which creates Government debt to pay for it.
"Private equity" today is really equity to debt conversion. With interest rates so low, that's very attractive to management.
If you read Black Hat World, you find that CAPTCHAs are a solved problem for spammers and fake account creators. The better systems run them through several OCR programs in parallel. That knocks off about 67% of them. There's a lot of special casing involved, but from the spammer's viewpoint, this is a solved problem. Getting from 67% to 90% would be convenient, but humans aren't at 90%. If all the OCR programs give up, the problem is sent to an outsourced service where low-wage people solve CAPTCHAs all day.
The Black Hat forum system itself makes users play and win a short video game to lock out 'bots.
If you want an understanding of what "socialist" means in American political discourse (I'm guessing you're from the old country, given your sig and your spelling conventions), then search sometime for "AM talk radio" and listen in for a few hours. "Socialist" is little more than a pejorative. I truly wish we had some genuine socialists in the US...
Right. The current President of France is from the Socialist Party, which is one of the two big parties in France. France has universal socialized medical care - everyone legally resident in France is covered. France has free abortion on demand. France has a 35 hour work week and 5 weeks of vacation a year, enforced by law. Productivity per hour worked is one of the highest in the world, above US levels. The median wage per hour worked is one of the highest in Europe. France has energy independence, with 80% of electricity coming from nuclear power. Most education through college is Government-funded. Current tuition at French universities is about 200EUR/year.
France is a "social democracy". The French government doesn't own most businesses. Most employment is private. There's a lot of regulation, some of it petty, some of it historical going back to Napoleon. It's more annoying than serious.
I'd like to see a self-driving car avoid a "near-collision" state on the Capital Beltway during busy times. Or the MD I-270 of old (they've changed it a lot since I commuted on it) -- I (along with everyone else on the road) used to spend entire commutes in a "near-collision" state, sub-second following distances at ~65mph alternated with panic stops.
That's a classic control theory problem. You want to maintain a following distance as the speed of the car ahead changes, but there's lag due to reaction time. So you can get oscillation. Solutions are known.
Smart cruise controls already do this better than humans. With radar systems you have good range rate information. Vision isn't good at range rate, especially when it's changing. With good range rate info, you can servo on speed difference and range. You can buy such systems now; that's what "smart cruise" systems do. Here's an Audi A7 doing it.2014 Kia Those demos are in low-speed stop and go traffic. Here's a Porsche 991 doing 90 in a 55 zone on adaptive cruise control. Here's a Subaru Forester in stop and go freeway traffic in Los Angeles with smart cruise control, with speed varying from high speed down to zero and back.
Having worked on self-driving cars (2005 Grand Challenge), a few points:
The comment about minimizing "near-collision states" is significant. A near-collision state is one where a reasonable variance of the behavior of another vehicle could cause a collision. It's about predicting other-vehicle behavior. That's an important area to study. Aviation people put a lot of effort into minimizing near-misses, and it pays off.
Incidentally, Tesla's announcement that they're starting work on an "autopilot" is them playing catch-up. Audi, BMW, Cadillac, and Ford are already demoing automatic driving systems. It looks like Cadillac will be the first to ship hands-off highway driving, in 2015. All these early systems are highway driving only, although Cadillac includes stop-and-go driving in traffic jams. That's likely to be a very popular feature.
On the sensor side, more progress is needed, and it's coming.
That rotating LIDAR contraption on top of Google's self-driving cars is from Velodyne. It's 64 LIDAR units on a spinning turntable. That's a research device, not a production one. There are better ways to do LIDAR, but the cost needs to come down. The approaches used in the Kinect and the XBox One will not work outdoors in bright sunlight. Outdoor LIDAR systems work fine, but they're pulsed, not continuous. For a nanosecond, at one frequency (color) they far outshine the sun. But the total energy per pulse is low, so they're eye-safe. Currently, such devices are very expensive, but that's not for any good reason. It's because some exotic ICs have to be made in tiny quantities.
Radars are getting better, too. A decade ago, in the Grand Challenge, we had to use Eaton VORAD radars, which operate at 24GHz. These could reliably range cars, trucks, and larger bicycles, but not people at long range, or signposts. (Such radars return range, azimuth, and range rate; this isn't a speed gun. I used to have one of these looking out my window at at an intersection, with a display plotting the traffic.) Today's automotive radars are running at 77GHz, with plans to move to 79GHz. There's an effort to standardize on 79GHz internationally. Tripling the frequency, plus applying more compute power to the processing, means that most objects a car might hit are detectable. These radars are getting cheap and small, so a car will have enough of them to provide full-circle data. Long range is needed mostly in front; on the side and in back, much lower power can be used.
A key issue is a high viewpoint. This isn't just about obstacle detection. You also need to profile the road. This was a big deal for the off-road DARPA Grand Challenge, but even on paved roads you need to be able to detect junk on the pavement and potholes. Google has their sensor on top of the roof. This will probably be unacceptable in a production car. I'd go for flash LIDARs at the top corners of the front windows. One possibility is a narrow strip just above the windshield, to contain all the sensors. This is one way to combine vehicle aesthetics and field of view.
Cameras are useful, but computer vision is still kind of dumb. Distance from stereo only works at short ranges, and range rate info from cameras is poor. Digital cameras are so cheap now, so it's tempting to think they can do the whole job. Not yet. Computer vision isn't good enough. Tesla is probably putting too much hope into camera processing. You need cameras to recognize signs, traffic lights, and such. Also, you need multiple sensors because not all objects are visible on all sensors. Radars can't see insulators. Cameras can't see objects with little contrast against the background. LIDARs can't see some materials, such as the charcoal fabric used on many office chairs. Sensor fusion is essential.
They'd better ship the thing. There have been some large, overfunded Kickstarter projects that never shipped. Remember "Clang and the Pitfalls of Kickstarter"? Then there was the Form 1 low-cost 3D printer. Despite being way overfunded, the delivery date always seems to be four months away. It was four months away last December, and it's four months away now.
Slashdot Mirror
I have the same add-on available for both Google Chrome and Firefox. Firefox has about 100x as many users.
First off, they paid for Harrison Ford, so they had to let him talk too much. In the book, Col. Graff doesn't say much. Also, Graff with his little aluminum thingie on his hand pulling in the kids in the battle room ("Use the force, Ford!") doesn't fit with the rest of the movie. Nowhere else do they have gravity control or tractor beams. Or magic.
We don't see much of Ender's development as a tactician. Ender is presented more as the Chosen One than the one who claws his way up to be the best. There's a flavor of M. Night Shyamalan ("The Last Airbender" and other overproduced turkeys) here.
As is typical of space battle scenes in movies today, the CG effects are great and the tactics are wrong. Battles are in way too tight a space, and everything is turning too tight and going too slowly. It's the George Lucas WWII biplane school of space battle. Big tactical idea: line up all the little ships as armor around the big unarmored ones. That dates back to the Roman legions, and went out when machine guns were developed.
This is the T-38 trainer. It's not a combat aircraft. The T-38 is fast and modern looking, but the first flight was in 1961. Back then, one in five fighter pilots died in accidents, without any help from the enemy. In the 1950s and 1960s, fighter pilots were viewed as expendable. It's not a career choice for the timid.
The T-38 has killed many pilots. Good ones. Four astronauts, four of the USAF Thunderbirds. Yet fighter jocks like to fly it. It's not as bad as it used to be - the original engines were unreliable.
The ejection seat has saved many T-38 pilots. The T-38 ejection seat blasts through the canopy to get the pilot out. There's a big spike on top of the seat to punch through the canopy.Here's the 1990 redesign for a canopy that will resist bird strikes. "The seat mounted cutting blade is virtually ineffective in cutting through materials which comply with Bird collision resistance." So toughening up the canopy meant a new ejection system. Fighter planes, which have tougher canopies (they're expected to be shot at) have such systems, which usually involve explosives shattering or releasing the canopy. The T-38 is just a trainer - no armor.
The T-38 later got an ejection seat upgrade with zero-zero capability (you can eject while parked on the ground, which is useful if you have a fire during engine start or a bad landing), and that seems to have a new canopy disposal system. They had to give up the tiny bit of luggage storage the T-38 had. One of the original Mercury astronauts (they were issued T-38s as personal transportation) was able to find a case that would just fit the T-38's space under the seat. But for a few weeks, he wouldn't tell the other astronauts where he got it.
Twitter prohibits spam filters. You're not allowed to write a Twitter client with a spam filter. If you do, Twitter will invalidate your OAuth code. So people actually see Twitter spam. That makes Twitter a spam magnet.
Of course they have huge numbers of fake users. Want to create some fake Twitter accounts? Just get Twitter Account Creator Bot: "... automatically creates thousands of accounts per day without any human intervention ... " Now only $225. Also available: Twitter Follower Bot ("can follow thousands of profiles using keywords"), "Twitter IDs Grabber Bot", and "Twitter Tweets Replier Bot".
If you don't want to do it yourself, you can just buy Twitter accounts in bulk. 20,000 Twitter accounts for $400. That seems to be the going rate; BuyAccs.com also quotes $400 for 20,000 accounts (with avatar!). Google+ and Facebook accounts cost about 5x as much from the same suppliers. When you see low, low pricing for bulk social network accounts, you can be sure the service isn't trying very hard to stop spammers.
There's no problem finding social network spamming services. They advertise openly. Just search Google for "bulk twitter accounts". You don't have to go on Black Hat World, build up a reputation, and get into the closed forums. You don't have to get "bulletproof servers" in some third world country. The social spammers aren't hiding.
(Ad: we could stop this by using SiteTruth to find spam links in tweets. I prototyped a Twitter client with spam filtering and tested it. But Twitter doesn't allow that. "Sponsored tweets" have to get through, you know.)
This guy goes to 212 kph with the display showing "Service tire pressure system"?
As one of the better retail consultants points out to retailers, you have a customer there all ready to give you their money and you're making them wait. That's a terrible mistake for a retailer. It means some people will go elsewhere next time. Some will even abandon their cart and walk out. Most retailers fail to get this.
One that does is The Gap. Notice that at a Gap store, there is no checkout clutter. There are no checkout-area displays. No impulse-buy items. There's a lot of empty counter space at checkout, and usually more than one check-out clerk. This encourages customers to bring multiple items to checkout, and discourages walk-outs because there's a line. Gap is very profitable despite a rather dull product line in a mature industry.
(This is also true on-line, which is why Amazon's "one click" checkout was so valuable an idea.)
So they're going to build a ARM-based desktop computer. Sort of like a netbook in worse packaging. Why?
If you want a basic 9 inch ARM tablet, buy one. They're really cheap. You can get one on Amazon for about $72. Dump Android and load up Linux if you like.
Google has other approaches to hiring. At one time, if you searched for topics associated with mathematical proof of correctness, you got a Google employment ad. I've been contacted by Google recruiting because of things I posted on Usenet comp.lang.c++ about how to improve the language. They do pay attention to who's doing what in computer science.
The striking thing about Google is that they've never developed a second profitable product. Revenue is still over 95% from ads, with 2/3 coming from search ads, and 1/3 from DoubleClick ("AdSense") ads. Google+, Android and Google Docs don't generate significant revenue. They're defensive measures against Facebook, Apple and Microsoft, respectively. All that brainpower, and no new profitable products in a decade.
"The best minds of my generation are thinking about how to make people click ads. That sucks." - Jeff Hammerbacher, Facebook research scientist
Why build a demo space out of shipping containers? The dimensions are awful.
The floating data center isn't a great idea, either. You have all the headaches of salt water corrosion. It's hard to get bulk power and data offshore. It's not cheaper than building on low-value land. The only justifications would be political. It might be useful if you had to bring up a big data center in a primitive area with little infrastructure.
Mozilla's PDF renderer has trouble with larger math symbols, like sigmas and integrals.
Typical open source bug handling - reported in May 2013, somebody whines that that the test case for the bug is too big, someone else provides more details, bug is marked as confirmed, somebody tries it on OS-X, where it works, someone else demonstrates the failure with a small test case, posts screenshots, and shows that the PDF works on Linux Firefox but not Windows Firefox. After six months, zero progress on fixing it.
There's been a huge change in the Bitcoin world recently. There are now exchanges in China where you can buy Bitcoins for yuan very easily. This is a big deal, because exchanging yuan for other currencies is tightly restricted by the Peoples Bank of China via the State Administration of Exchange Control. Bitcoin provides a way around those restrictions.
This has caused a huge run-up in the price of Bitcoins. That could change at any moment if the People's Bank of China issues "guidance" on Bitcoin. There are comments from Bitcoin users in China that the acceptance of Bitcoins by a small subunit of Baidu was incorrectly interpreted as a signal from the government of China that buying Bitcoins was now OK.
"The mountains are high and the Emperor is far away."
In the paper era, the Early Bird had a little printing plant. By the end, it was down to 3 people and a Cold Fusion template.
It was never for DoD PR. It was more about pulling rather obscure stories, often about DoD procurement or administration, into a brief summary for DoD managers. Something like "Gen. Smith takes command of USARPAC" barely rates notice in the civilian press, but it's a big deal in the Army.
Today, you usually know who's calling before you answer. It may be appropriate to take a call if it's more important than the meeting. If you're in sales, a call from a major customer is probably more important than a meeting. If you're responsible for something operational, a call from someone reporting trouble is probably more important than the meeting.
As for reading texts, if you're in a meeting and the current meeting activity doesn't involve you, it's an effective use of your time. This is more of a large-meeting thing. Large meetings are generally nonproductive anyway.
Here are some existing over-the-power-line transmission systems usable for home control:
We don't need another one. Especially since the original article's link to the protocol definition is a dead link. And because making home automation run a web server with "node.js" is terrible from a security perspective. And because it's WiFi based, which means it won't go through some walls it needs to go through, and will go through some walls it shouldn't. With the power line systems you can put a low-pass filter after your meter and keep out external signals.
I read the original article, but I don't see any part where someone recorded what was going out the speaker and looked at it. If someone is sending data over audio, it will show on a scope. Clearly that's not going to do much unless the receiving side has some kind of modem code listening for it.
Then there are claims like "It seemed to send TLS encrypted commands in the HostOptions field of DHCP packets." Attacking via DHCP packets is plausible; DHCP clients get told a lot of things they're supposed to do, and some of the older vendor-specific extensions are very insecure. But TLS? TLS isn't used within the DHCP protocol itself. There's a way to store DHCP configuration info in an LDAP server and have a DHCP server access it via LDAP.
If someone is seeing strange DHCP packets, and reloading the BIOS won't help, it's possible that what's going on involves an attack via the network controller. The fancier network controller parts now have CPUs and EEPROM. This may be an attack which puts code in the network controller which in turn patches the BIOS.
The people studying this need to list exactly what network ICs the machines involved are using. Some network devices are too dumb to be used as an attack vector, but some have whole protocol stacks, WiFi support, remote administration support, etc. It would not be surprising if those were attackable.
I've expected attacks via network controllers for years. That's been used to attack servers. There's a known attack on PCI controllers which can survive rebooting and reloading the BIOS.
If the machine has wireless networking hardware and the attack exploits the network controller, it may be able to do wireless networking even if the user thinks they have the hardware disabled. Time to open up the machine, clip onto the JTAG port on the network controller, and read out the device memory with a JTAG debugger. Compare the dumps with other machines.
An interrupt is not a good way to handle integer overflow, especially since it is often the desired behaviour.
Very seldom, if ever, is integer overflow desired behavior. Other that for computing simple checksums, there are very few use cases.
Thunderbird as a client, IMAP server on a hosting account with spam filtering. No problems, no ads, no worrying about what will Google/Yahoo/Microsoft screw up next.
"Free" is too expensive.
The problem is C's promotion rules. In C, when promoting integers to the next size up, typically to the minimum of "int", the rule is to use signed integers if the source type fits, even if the source type is unsigned.
I know. C's handling of integer overflow is "undefined". In Pascal, integer overflow was a detected error. DEC VAX computers could be set to raise a hardware exception on integer overflow, and about thirty years ago, I rebuilt the UNIX command line tools with that checking enabled. Most of them broke.
In the first release of 4.3BSD, TCP would fail to work with non-BSD systems during alternate 4-hour periods. The sequence number arithmetic had been botched due to incorrect casts involving signed and unsigned integers. I found that bug. It wasn't fun.
C's casual attitude towards integer overflow is why today's machines don't have the hardware to interrupt on it. Ada and Java do overflow checks, but the predominance of C sloppyness influenced hardware design too much.
I once wrote a paper, "Type Integer Considered Harmful" on this topic. One of my points was that unsigned arithmetic should not "wrap around" by default. If you want modular arithmetic, you should write something like n = (n +1) % 65536;. The compiler can optimize that into machine instructions that exploit word lengths when the hardware allows, and you'll get the same result on all platforms.
Going "private", right. The money supposedly comes from Silver Lake Venture Partners. But they don't have $24 billion. Most of it is borrowed. From banks. Which borrow it from the Fed at very low rates. Which creates Government debt to pay for it.
"Private equity" today is really equity to debt conversion. With interest rates so low, that's very attractive to management.
This is "quantitative easing" at work.
If you read Black Hat World, you find that CAPTCHAs are a solved problem for spammers and fake account creators. The better systems run them through several OCR programs in parallel. That knocks off about 67% of them. There's a lot of special casing involved, but from the spammer's viewpoint, this is a solved problem. Getting from 67% to 90% would be convenient, but humans aren't at 90%. If all the OCR programs give up, the problem is sent to an outsourced service where low-wage people solve CAPTCHAs all day.
The Black Hat forum system itself makes users play and win a short video game to lock out 'bots.
If you want an understanding of what "socialist" means in American political discourse (I'm guessing you're from the old country, given your sig and your spelling conventions), then search sometime for "AM talk radio" and listen in for a few hours. "Socialist" is little more than a pejorative. I truly wish we had some genuine socialists in the US...
Right. The current President of France is from the Socialist Party, which is one of the two big parties in France. France has universal socialized medical care - everyone legally resident in France is covered. France has free abortion on demand. France has a 35 hour work week and 5 weeks of vacation a year, enforced by law. Productivity per hour worked is one of the highest in the world, above US levels. The median wage per hour worked is one of the highest in Europe. France has energy independence, with 80% of electricity coming from nuclear power. Most education through college is Government-funded. Current tuition at French universities is about 200EUR/year.
France is a "social democracy". The French government doesn't own most businesses. Most employment is private. There's a lot of regulation, some of it petty, some of it historical going back to Napoleon. It's more annoying than serious.
That's what socialism looks like.
The above was posted by some clown who copied it from an old posting of mine - John Nagle
I'd like to see a self-driving car avoid a "near-collision" state on the Capital Beltway during busy times. Or the MD I-270 of old (they've changed it a lot since I commuted on it) -- I (along with everyone else on the road) used to spend entire commutes in a "near-collision" state, sub-second following distances at ~65mph alternated with panic stops.
That's a classic control theory problem. You want to maintain a following distance as the speed of the car ahead changes, but there's lag due to reaction time. So you can get oscillation. Solutions are known.
Smart cruise controls already do this better than humans. With radar systems you have good range rate information. Vision isn't good at range rate, especially when it's changing. With good range rate info, you can servo on speed difference and range. You can buy such systems now; that's what "smart cruise" systems do. Here's an Audi A7 doing it. 2014 Kia Those demos are in low-speed stop and go traffic. Here's a Porsche 991 doing 90 in a 55 zone on adaptive cruise control. Here's a Subaru Forester in stop and go freeway traffic in Los Angeles with smart cruise control, with speed varying from high speed down to zero and back.
Solved problem. Available now at your car dealer.
Having worked on self-driving cars (2005 Grand Challenge), a few points:
The comment about minimizing "near-collision states" is significant. A near-collision state is one where a reasonable variance of the behavior of another vehicle could cause a collision. It's about predicting other-vehicle behavior. That's an important area to study. Aviation people put a lot of effort into minimizing near-misses, and it pays off.
Incidentally, Tesla's announcement that they're starting work on an "autopilot" is them playing catch-up. Audi, BMW, Cadillac, and Ford are already demoing automatic driving systems. It looks like Cadillac will be the first to ship hands-off highway driving, in 2015. All these early systems are highway driving only, although Cadillac includes stop-and-go driving in traffic jams. That's likely to be a very popular feature.
On the sensor side, more progress is needed, and it's coming. That rotating LIDAR contraption on top of Google's self-driving cars is from Velodyne. It's 64 LIDAR units on a spinning turntable. That's a research device, not a production one. There are better ways to do LIDAR, but the cost needs to come down. The approaches used in the Kinect and the XBox One will not work outdoors in bright sunlight. Outdoor LIDAR systems work fine, but they're pulsed, not continuous. For a nanosecond, at one frequency (color) they far outshine the sun. But the total energy per pulse is low, so they're eye-safe. Currently, such devices are very expensive, but that's not for any good reason. It's because some exotic ICs have to be made in tiny quantities.
Radars are getting better, too. A decade ago, in the Grand Challenge, we had to use Eaton VORAD radars, which operate at 24GHz. These could reliably range cars, trucks, and larger bicycles, but not people at long range, or signposts. (Such radars return range, azimuth, and range rate; this isn't a speed gun. I used to have one of these looking out my window at at an intersection, with a display plotting the traffic.) Today's automotive radars are running at 77GHz, with plans to move to 79GHz. There's an effort to standardize on 79GHz internationally. Tripling the frequency, plus applying more compute power to the processing, means that most objects a car might hit are detectable. These radars are getting cheap and small, so a car will have enough of them to provide full-circle data. Long range is needed mostly in front; on the side and in back, much lower power can be used.
A key issue is a high viewpoint. This isn't just about obstacle detection. You also need to profile the road. This was a big deal for the off-road DARPA Grand Challenge, but even on paved roads you need to be able to detect junk on the pavement and potholes. Google has their sensor on top of the roof. This will probably be unacceptable in a production car. I'd go for flash LIDARs at the top corners of the front windows. One possibility is a narrow strip just above the windshield, to contain all the sensors. This is one way to combine vehicle aesthetics and field of view.
Cameras are useful, but computer vision is still kind of dumb. Distance from stereo only works at short ranges, and range rate info from cameras is poor. Digital cameras are so cheap now, so it's tempting to think they can do the whole job. Not yet. Computer vision isn't good enough. Tesla is probably putting too much hope into camera processing. You need cameras to recognize signs, traffic lights, and such. Also, you need multiple sensors because not all objects are visible on all sensors. Radars can't see insulators. Cameras can't see objects with little contrast against the background. LIDARs can't see some materials, such as the charcoal fabric used on many office chairs. Sensor fusion is essential.
Enough for now. This looks quite do-able.
They'd better ship the thing. There have been some large, overfunded Kickstarter projects that never shipped. Remember "Clang and the Pitfalls of Kickstarter"? Then there was the Form 1 low-cost 3D printer. Despite being way overfunded, the delivery date always seems to be four months away. It was four months away last December, and it's four months away now.