Oh, don't get me wrong, I'm a huge fan of SSDs, and use them myself for everything except backup/NAS stuff where I don't have nearly enough disposable income to cover my demand for capacity. However, the biggest improvement is not absolute throughput speed(if you can actually keep a read or write nice and linear, a high density platter HDD is pretty damned fast); but the fact that you'll get almost the same speed under a pathologically random access condition as you will under a nice linear access condition. HDDs, by contrast, absolutely fall off a cliff if you do that to them.
In fairness to Enry, I (in retrospect, not very clearly) tried to make two somewhat similar points and kind of mushed them together). My intent was the following:
1. Only for certain, fairly specific, tasks does doubling 1 subsystem's performance = 'doubling performance'. In the case of mass storage, databases seem to be the particular sweet spot. For most of what laptops are used for, the near-zero latency of an SSD makes a huge difference; but the difference between 'near zero latency, 2 PCIe lanes of bandwidth' and 'near zero latency, 4 lanes' is very unlikely to double performance across the board.
2. What is remarkable, even if 'double the performance' of the storage subsystem doesn't double the performance of the tasks you use it for, is that we now have (and relatively cheap, at that, unlike DDR-based hardware RAMdisks) storage hardware that is good enough that doubling its interface bandwidth genuinely does double its performance. With pretty much any mechanical storage, and some of the earlier SSDs, it barely mattered what the nominal performance of your interface was, because the storage device would let it down. You wanted to avoid PIO, because losing DMA meant more CPU load; and SATA has cables that are less annoying than PATA; but only with big, expensive, HDD arrays or contemporary SSDs does the speed of the interface actually make much difference in terms of performance.
It is slower than a lizard in a blizzard; but the advantage is that it uses the thermal sensors that PCs include for ACPI thermal management/fan speed control/etc. not any of the hardware that is explicitly for communication(ethernet, wifi, IRDA, BT, etc. and thus almost certain to be stripped out/disabled) or that isn't for networking; but is a fairly obvious threat(speaker and mic, laptop ambient light sensors for backlight control, that sort of thing); so it is fairly likely that even computers prepared by the relatively paranoid for use on highly sensitive networks will still have the necessary sensors(and any computer will be unable to avoid having the necessary software-controlled thermal source, barring the development of 100% efficient CPUs).
The proposed use case (probably realistic in a number of offices right now; quite possibly less so now that this paper is written and the word goes out) where somebody with suitably fancy access has one computer for access to the super-secret-special-network, and a separate one for boring email and web stuff; that are supposed to be totally disconnected from one another; but which are likely to be crammed next to each other because our hypothetical paper pusher has limited desk space.
Now that it's known to be a potential problem, mitigation isn't going to be rocket surgery(thermal communication isn't going to work as well even with an extra couple of meters of separation; much less a purpose-built insulated barrier or something); but it is hardly something that would be obvious when arranging somebody's classified desk, even if you have your paranoia hat on.
It would be an atrocious choice for exfiltrating most types of data, even a couple of pages of 'sensitive_memo.doc' would take ages; but there are some cryptographic private keys that I'd be more than willing to wait a month or two for...
But how did the malware get on BOTH of the computers in the first place? TFA totally avoids that question.
TFA was either unclear or misrepresented: This technique is purely a demonstration of a sneaky covert channel implementation that requires only hardware likely to be present and functioning even on aggressively air-gapped systems. Actually getting the malware in place to use the covert channel is somebody else's problem, so TFA doesn't address it.
Isn't 'cyber-incident' the sort of bullshit term that is more or less designed to be slippery, and thus useful for both alarmism and obfuscation as the situation requires?
It's vague enough that the most harmless script-kiddie probing for easy targets could theoretically be totted up as a 'cyber incident', regardless of harm, if you were attempting to make the world out to be a place so dangerous that your budget definitely needs to increase; but also allows some classes of security failure to not be 'cyber'(if, say, social engineering was employed at some point); and also leaves considerable flexibility over what qualifies as an 'incident'(potentially pulling tens or hundreds of individual occurrences under one 'incident' if you are trying to look more competent, or breaking out every record spilled in one DB breach if you are attempting to look more embattled).
Why try to define it if we can just set it on fire, salt the ashes, and pretend it was never coined?
Doubling performance of one subsystem only counts as 'doubling performance' against specific workloads(of which there are some, hence the enthusiasm among users of Big Serious Databases for buying SSDs that cost substantially more than this laptop, or even a pallet of these laptops, once you get the whole storage system up and running); but your usual laptop activities probably won't be quite as dramatic.
What is somewhat notable about this change is that these days are the first time in ages that storage systems(outside of contrived scenarios involving hanging gigantic fiber channel arrays off the lousiest PCI-X HBA you can find, then adding a cheapie PCI device to the same bus just to cut the bandwidth further, or similar silliness) have actually been bottlenecked by their connection to the rest of the system, rather than by their own inadequacy.
With HDDs, and the earlier SSDs, the alleged link speed was a mostly theoretical value that determined little except how fast you could access the drive's cache RAM. Now, it seems, adding a couple of extra PCIe lanes can actually double performance. Not bad at all.
Unless society develops a sudden interest in increasing the supply of confused and sickly old people, I have to assume that this treatment would be something you do(hopefully you don't have to keep repeating it ever week thereafter forever) when you first start to detect Alzheimer's type memory issues, in order to prevent them from causing any further damage to prior memory or interfering with continued new memory formation; so that there is never any significant period of discontinuity.
There will be the somewhat interested medical-ethics question of what to do after it(or some other treatment) is first demonstrated to work: Since there will already be a substantial population of Alzheimer's patients, who have lost varying degrees of prior memory and memory function because no (effective) treatment was available; there will be people, probably a lot of them (10s of thousands or more, in all likelihood, counting only countries wealthy enough that treating them is even on the table as a possibility) who have already irreplaceably lost much or all of their past memories; but could be treated such that they would remember subsequent events.
I imagine that, on the plus side, such treatment would decrease the confusion, fear, and substantial helplessness that such patients face; but that coming back with capacity for new memories but little or nothing about the past has its own challenges.
Scarcity is so ingrained in our flawed brain, we create it in the midst of abundance.
I'm not actually sure I'd give us that much credit: when consumption is conspicuous and competitive, the existence of filthy poor people is an important part of feeling well off. Sure, having a big flatscreen TV is nice and all; but can it compete with the satisfaction of knowing that an army of disposable service-class peons have no choice but to choke back whatever irrelevant little feelings they have and pretend that doing your bidding is job satisfaction?
The ugly trick (unfortunately one that used to be a corner case; but is now an alarming percentage of your average day in modernity) is that if the context is not something we have already evolved or been conditioned to handle, we frequently fail dramatically and repeatedly; even against the better judgement of our general-purpose-but-not-always-persuasive conscious cogitation: we are, alas, not nearly as good if the challenge is "Your odds of violent death are the lowest in human history; but you've never had greater awareness of potential danger you can neither fight nor flee" or "If you obtain food and other survival requirements by sitting in a chair and moving your fingers, you now require less energy, and can afford more, than your metabolism can possibly imagine."
Weren't the Snow-Crash-related fertile crescent dwellers Sumerians, the Xerox-PARC of Mesopotamian civilization, who invented more or less everything and then got massacred by their imitators?
If I were looking for a language to scare a program into submission with, Assyrian would be a pretty plausible choice. Even by the rather high standards of the rough neighborhood that is the near and middle east, they cut quite a swath of blood-soaked mayhem through their neighbors; and put out lots of cuneiform inscriptions and rather morbid art gloating about their efficiency at this.
I know that 'genetic engineering' is something that attracts somewhat nebulous 'ethics' questions like shit attracts flies; but the concerns in TFA seem more like 'risk questions' rather than 'ethics questions'(except in the weak sense that it's very plausibly unethical to do highly risky things that will end up affecting large numbers of people if they go badly).
I don't wish to say that there aren't ethical questions(or, if there aren't, they could be raised); but "Scientists say that germline modification is a dangerously risky idea because we don't really know what we are doing, and once we do it the only way to stop it will be to track down the one we modified and sterilize or incinerate all his/her descendants." and "Scientists have ethical issues with genetic engineering because it is squicky" are two very different types of argument.
In terms of risk assessment, the argument against germline work seems much stronger, since you will pretty much have to get eugenic on a potentially nontrival number of people if you fuck up; but modification of individuals seems to slot rather neatly into the same basic cost/benefit calculus that we use for drugs, surgery, and other matters medical: yeah, it sucks that there are risks; but the world is rotten with diseases and conditions where the current standard of care is really depressing, so as long as you keep it to informed-consenting subjects, what's the problem?
Firethorn said "violence and/or sex"(and, in practice, even in games that tempt fate by having sex as well as violence the two are usually largely separate, freaky Japanese imports aside).
That correction aside, though, there is one point of argument that I think doesn't get enough attention in the 'violence and stuff in videogames' disputes:
Since videogames are interactive, which makes player choice at least possible(if the developer doesn't force you onto rails), the existence of bad, even (literally) atrocious, things in the game can actually make it more morally salient, and more effectively challenge the player's "hehe, violence is lulz!" approach.
Just by way of example: in Fallout games pre-Bethesda(so everything before Fallout 3), you could kill children. In Fallout 3 and later there are some children but they are invulnerable and can only be talked to. However, your character's options, and likely his survival, strongly depended on the attitudes and cooperation of NPCs in the gameworld. You were free to kill kids; but (surprise surprise) most of the decent-human-being NPCs strongly disapproved, to the point of overtly refusing to deal with you and/or trying to kill you.
The option to kill children didn't really make it a 'sick child murder simulator!!!'. You could do it; but you paid a high, and fairly plausible and realistic, price: nobody wants to associate with, or assist, the sort of sick fuck who does that, and so you probably died in the wasteland. Fallout 3 and later just whitewashed that moral choice, and it wasn't even possible to commit that particular crime or pay its penalty.
This doesn't mean that any game with grotesque transgressions is a veritable font of moral wisdom, it'd be pretty trivial(and isn't uncommon) to have games that gleefully glorify (sometimes even without much ironic detachment) various sorts of mayhem; but it really ought to be remembered that one of the powerful, and morally relevant, possibilities of an interactive medium is to have all manner of choices, good, bad, indifferent, downright depraved, be available; but have the gameworld respond appropriately.
(Dishonored did a pretty good job with this one, I thought, even for its poor generic-guard-mooks: it was typically easier to kill them than to evade or stun them; but you knew that the poor bastards were just city guards, who thought you'd assassinated the empress, doing their jobs. How many could you justify killing 'for the mission'? 'Just because it was easier'? 'For fun'? Depending on that number, the NPCs you interacted with, and the city itself, would change its own tone. You could play 'clean', you could leave a trail of bodies for the plague rats; but the consequences would be felt.)
Thankfully, just seriously enough. Actually change the games they play? Hahaha, no. So far largely successfully avoid any actually-binding regulation of game content in favor of fairly toothless 'self regulating' ratings entity? Yes. (Yeah, such legislation would almost definitely be unconstitutional; but some sort of legalist slurry, similar to the one that made 'obscenity' mysterious-but-constitutionally-unprotected, would almost certainly have been emitted and might well have worked.)
"Unsupported"? As in "Just like pretty much any version that isn't Professional or Enterprise with a sufficiently large yearly spend by your organization that we'll actually have an engineer take your phone calls"?
This isn't exclusive to Microsoft; but it certainly includes them: Except in the occasional case of some indie hero/martyr; or heroically expensive software priced like it includes hours of a technical expert's time because it in fact does, software isn't really 'supported'. If you are reasonably lucky and persistent, an issue with some mass market shrinkwrap software might get examined, because of the risk that it will affect enough other customers; but you didn't pay enough(and your bug report probably wasn't informative enough) to be worth the trouble alone. On the other side of the coin, the guy who paid nothing certainly didn't pay enough, and his cracked copy probably isn't treated as representative; but he'll get as patched as you do, in the end.
Software support is hardly valueless(indeed, some companies sell little else, either because their product is FOSS or because it's some ERP-stem-cell-line capable of anything but fit for nothing without months or years of customization); but it is something that you can live with only indirect access to(if the Dell XYZ runs Win10 so that they can sell it to corporate customers with Software Assurance that probably means the drivers will work just fine for me, and if they don't enough of the real customers will run into similar issues that it might get fixed); and it is something that you already almost entirely don't get for your $60 game or $100 OS.
If 'unsupported' is the only defect of the pirate version; that effectively means that home and small business SKUs are now priced at $0.
If the NSA does not already have access to Cisco's obfuscated address system, then they are not doing their job.
It doesn't help that the list of addresses that would totally be plausible recipients of an order of big, fancy, networking gear is markedly smaller than the list of addresses.
Even if you ruled out cracking Cisco(which the NSA obviously wouldn't), bulk characterization of addresses by demographic is something that those sleazy abhumans in 'direct mail marketing' have been doing since before 'spammer' was even a term. Purely by collating publicly available information(or just hiring one of the existing data brokers do do it for them, since they offer exactly such services), it should be fairly easy to flag packages leaving Cisco for destinations that seem implausible in terms of expected demand for networking gear or ability to pay for it.
There's also the issue, for Cisco, that drop sites in active use by their actual owners will be a bit of a customer service headache; but drop sites 'clandestinely' controlled by those 'sensitive' customers may or may not be as secret as the customers think, and random abandoned buildings aren't exactly ideal storage and transfer locations for expensive and moderately delicate shipments.
Cisco also has the disadvantage that, if a shipment crosses borders, certain sorts of obfuscation with tax or export regulation implications potentially become legally risky (which a state adversary might well have fun with) and Cisco, because of their ongoing battle with clone components and grey market stuff, has a competing incentive to avoid throwing more mystery into their supply chain or compromising their cooperation with customs enforcement agencies and anti-counterfeiting law enforcement types. That isn't going to get any easier if there is supposed to be a 'Cisco-blessed' underground channel alongside the usual seedy resellers and dodgy discount hardware.
They don't really have any alternative, if they want to keep customers who aren't pen pals with Uncle Sam; but their ability to talk the talk may well exceed their ability to act on it.
A crawlspace might actually be more pleasant: there will be moisture and dust; but the outside environment doesn't have any substantial sources of the 'tar' stuff in cigarette smoke buildup that is so brutally good at turning mere dust and fuzz into a sticky mess that you really want to break out the solvents to deal with.
The outdoors certainly isn't ideal(in particular, condensation inside HDDs will kill them right quick, should it happen; but on a concrete slab under a house it'll be mostly whatever dirt/dust is light enough to stay airborne, plus condensation at certain times of day.
If I were in the questioner's shoes, I'd do it one of two(maybe three) ways:
Option 1: Get out the checkbook and call an industrial vendor. I'm most familiar with Logic Supply; but there are others, no specific endorsement, etc. They have, and will be happy to sell, hardware fast enough to do HTPC stuff(not really a very high bar to clear, even Intel Integrated graphics does H.264 decode in hardware, so it's just not very hard); and it's all sealed, fanless, classy.
Option 2: Option 1; but DIY: pick low-power parts, a big aluminum chassis with a nice chunky amplifier heatsink attached, thermal paste everything you can to the chassis, hope for the best. Cheaper, not as good; unless you put some real time and craftsmanship into it; but cheap is cheap, no?
Option 3: Expendable: Circuit boards can take a bit of exposure to dust and water, heatsinks and fans can handle some clogging if you over-spec the cooling a bit, cheap hardware is good enough for HTPC use so if you need to replace some it isn't a huge catastrophe:
Just for your sake(the computer won't much care) go for an aluminum case and brass or nylon standoffs, screws, etc. cheap stamped steel can and will rust, and cutting yourself on rusty metal is no fun. Choose a heat sink with widely spaced fins(big fibers will still get caught, smaller ones and dust will pass through). Over-spec the cooling a bit, to allow for degradation: big, slow fans are best. Condensation? Try to keep important boards vertical so that it doesn't pool anywhere. Yeah, it'll die; but based on the systems I've seen living through all sorts of hell, odds are good that it will take a while.
(The only exception, and the real problem if he wants to put his storage array outside, is that HDDs are touchy enough under controlled conditions, a pain in the ass to swap out, especially if you have to grovel into the crawl space, and are unlikely to like moisture. A little boot SSD for your HTPC to run from and access network storage? Sure. Your big RAID array? Outside? Are you Joking? That will hurt.)
Or a certain amount of expendability(I suppose that that is arguably a 'military grade spec' in many contexts).
It is repulsive how nasty a computer can get and, on average, keep right on ticking. Even in polite office environments, they fill with that wonderful grey IT dust over the course of a few years. In the non-air-conditioned houses of heavy smokers, it's a great deal worse and they still tend to survive.
Military or industrial grade stuff, with shock mounts and fanless sealed cases and actual ratings against ingress under power-wash conditions and so on are great if you have really important stuff riding on the continued function of a given computer in a harsh environment; but if it is largely a matter of convenience you might well be surprised how long a more or less entirely normal PC holds out(and, unless you are really overdoing the specs for an HTPC, it may well be cheaper to replace it a few times than buy the hardened version once).
Slashdot Mirror
Oh, don't get me wrong, I'm a huge fan of SSDs, and use them myself for everything except backup/NAS stuff where I don't have nearly enough disposable income to cover my demand for capacity. However, the biggest improvement is not absolute throughput speed(if you can actually keep a read or write nice and linear, a high density platter HDD is pretty damned fast); but the fact that you'll get almost the same speed under a pathologically random access condition as you will under a nice linear access condition. HDDs, by contrast, absolutely fall off a cliff if you do that to them.
In fairness to Enry, I (in retrospect, not very clearly) tried to make two somewhat similar points and kind of mushed them together). My intent was the following:
1. Only for certain, fairly specific, tasks does doubling 1 subsystem's performance = 'doubling performance'. In the case of mass storage, databases seem to be the particular sweet spot. For most of what laptops are used for, the near-zero latency of an SSD makes a huge difference; but the difference between 'near zero latency, 2 PCIe lanes of bandwidth' and 'near zero latency, 4 lanes' is very unlikely to double performance across the board.
2. What is remarkable, even if 'double the performance' of the storage subsystem doesn't double the performance of the tasks you use it for, is that we now have (and relatively cheap, at that, unlike DDR-based hardware RAMdisks) storage hardware that is good enough that doubling its interface bandwidth genuinely does double its performance. With pretty much any mechanical storage, and some of the earlier SSDs, it barely mattered what the nominal performance of your interface was, because the storage device would let it down. You wanted to avoid PIO, because losing DMA meant more CPU load; and SATA has cables that are less annoying than PATA; but only with big, expensive, HDD arrays or contemporary SSDs does the speed of the interface actually make much difference in terms of performance.
It is slower than a lizard in a blizzard; but the advantage is that it uses the thermal sensors that PCs include for ACPI thermal management/fan speed control/etc. not any of the hardware that is explicitly for communication(ethernet, wifi, IRDA, BT, etc. and thus almost certain to be stripped out/disabled) or that isn't for networking; but is a fairly obvious threat(speaker and mic, laptop ambient light sensors for backlight control, that sort of thing); so it is fairly likely that even computers prepared by the relatively paranoid for use on highly sensitive networks will still have the necessary sensors(and any computer will be unable to avoid having the necessary software-controlled thermal source, barring the development of 100% efficient CPUs).
The proposed use case (probably realistic in a number of offices right now; quite possibly less so now that this paper is written and the word goes out) where somebody with suitably fancy access has one computer for access to the super-secret-special-network, and a separate one for boring email and web stuff; that are supposed to be totally disconnected from one another; but which are likely to be crammed next to each other because our hypothetical paper pusher has limited desk space.
Now that it's known to be a potential problem, mitigation isn't going to be rocket surgery(thermal communication isn't going to work as well even with an extra couple of meters of separation; much less a purpose-built insulated barrier or something); but it is hardly something that would be obvious when arranging somebody's classified desk, even if you have your paranoia hat on.
It would be an atrocious choice for exfiltrating most types of data, even a couple of pages of 'sensitive_memo.doc' would take ages; but there are some cryptographic private keys that I'd be more than willing to wait a month or two for...
Not quite; you can transfer at full speed for the whole month without being throttled or paying overage fees...
But how did the malware get on BOTH of the computers in the first place? TFA totally avoids that question.
TFA was either unclear or misrepresented: This technique is purely a demonstration of a sneaky covert channel implementation that requires only hardware likely to be present and functioning even on aggressively air-gapped systems. Actually getting the malware in place to use the covert channel is somebody else's problem, so TFA doesn't address it.
Isn't 'cyber-incident' the sort of bullshit term that is more or less designed to be slippery, and thus useful for both alarmism and obfuscation as the situation requires?
It's vague enough that the most harmless script-kiddie probing for easy targets could theoretically be totted up as a 'cyber incident', regardless of harm, if you were attempting to make the world out to be a place so dangerous that your budget definitely needs to increase; but also allows some classes of security failure to not be 'cyber'(if, say, social engineering was employed at some point); and also leaves considerable flexibility over what qualifies as an 'incident'(potentially pulling tens or hundreds of individual occurrences under one 'incident' if you are trying to look more competent, or breaking out every record spilled in one DB breach if you are attempting to look more embattled).
Why try to define it if we can just set it on fire, salt the ashes, and pretend it was never coined?
Doubling performance of one subsystem only counts as 'doubling performance' against specific workloads(of which there are some, hence the enthusiasm among users of Big Serious Databases for buying SSDs that cost substantially more than this laptop, or even a pallet of these laptops, once you get the whole storage system up and running); but your usual laptop activities probably won't be quite as dramatic.
What is somewhat notable about this change is that these days are the first time in ages that storage systems(outside of contrived scenarios involving hanging gigantic fiber channel arrays off the lousiest PCI-X HBA you can find, then adding a cheapie PCI device to the same bus just to cut the bandwidth further, or similar silliness) have actually been bottlenecked by their connection to the rest of the system, rather than by their own inadequacy.
With HDDs, and the earlier SSDs, the alleged link speed was a mostly theoretical value that determined little except how fast you could access the drive's cache RAM. Now, it seems, adding a couple of extra PCIe lanes can actually double performance. Not bad at all.
I'm going to be charitable and assume that you'll get to statistics next semester...
Unless society develops a sudden interest in increasing the supply of confused and sickly old people, I have to assume that this treatment would be something you do(hopefully you don't have to keep repeating it ever week thereafter forever) when you first start to detect Alzheimer's type memory issues, in order to prevent them from causing any further damage to prior memory or interfering with continued new memory formation; so that there is never any significant period of discontinuity.
There will be the somewhat interested medical-ethics question of what to do after it(or some other treatment) is first demonstrated to work: Since there will already be a substantial population of Alzheimer's patients, who have lost varying degrees of prior memory and memory function because no (effective) treatment was available; there will be people, probably a lot of them (10s of thousands or more, in all likelihood, counting only countries wealthy enough that treating them is even on the table as a possibility) who have already irreplaceably lost much or all of their past memories; but could be treated such that they would remember subsequent events.
I imagine that, on the plus side, such treatment would decrease the confusion, fear, and substantial helplessness that such patients face; but that coming back with capacity for new memories but little or nothing about the past has its own challenges.
Scarcity is so ingrained in our flawed brain, we create it in the midst of abundance.
I'm not actually sure I'd give us that much credit: when consumption is conspicuous and competitive, the existence of filthy poor people is an important part of feeling well off. Sure, having a big flatscreen TV is nice and all; but can it compete with the satisfaction of knowing that an army of disposable service-class peons have no choice but to choke back whatever irrelevant little feelings they have and pretend that doing your bidding is job satisfaction?
The ugly trick (unfortunately one that used to be a corner case; but is now an alarming percentage of your average day in modernity) is that if the context is not something we have already evolved or been conditioned to handle, we frequently fail dramatically and repeatedly; even against the better judgement of our general-purpose-but-not-always-persuasive conscious cogitation: we are, alas, not nearly as good if the challenge is "Your odds of violent death are the lowest in human history; but you've never had greater awareness of potential danger you can neither fight nor flee" or "If you obtain food and other survival requirements by sitting in a chair and moving your fingers, you now require less energy, and can afford more, than your metabolism can possibly imagine."
Weren't the Snow-Crash-related fertile crescent dwellers Sumerians, the Xerox-PARC of Mesopotamian civilization, who invented more or less everything and then got massacred by their imitators?
If I were looking for a language to scare a program into submission with, Assyrian would be a pretty plausible choice. Even by the rather high standards of the rough neighborhood that is the near and middle east, they cut quite a swath of blood-soaked mayhem through their neighbors; and put out lots of cuneiform inscriptions and rather morbid art gloating about their efficiency at this.
I'm not sure I believe this story. GoDaddy doesn't offer customer support, so how could the social engineers have spoken to them?
And on that score, the Senate Launch System has apparently been performing as designed.
Maybe they can get EA to take over stewardship of the franchise! Those guys sure know how to nourish and cherish a beloved series, don't they?
I know that 'genetic engineering' is something that attracts somewhat nebulous 'ethics' questions like shit attracts flies; but the concerns in TFA seem more like 'risk questions' rather than 'ethics questions'(except in the weak sense that it's very plausibly unethical to do highly risky things that will end up affecting large numbers of people if they go badly).
I don't wish to say that there aren't ethical questions(or, if there aren't, they could be raised); but "Scientists say that germline modification is a dangerously risky idea because we don't really know what we are doing, and once we do it the only way to stop it will be to track down the one we modified and sterilize or incinerate all his/her descendants." and "Scientists have ethical issues with genetic engineering because it is squicky" are two very different types of argument.
In terms of risk assessment, the argument against germline work seems much stronger, since you will pretty much have to get eugenic on a potentially nontrival number of people if you fuck up; but modification of individuals seems to slot rather neatly into the same basic cost/benefit calculus that we use for drugs, surgery, and other matters medical: yeah, it sucks that there are risks; but the world is rotten with diseases and conditions where the current standard of care is really depressing, so as long as you keep it to informed-consenting subjects, what's the problem?
Firethorn said "violence and/or sex"(and, in practice, even in games that tempt fate by having sex as well as violence the two are usually largely separate, freaky Japanese imports aside).
That correction aside, though, there is one point of argument that I think doesn't get enough attention in the 'violence and stuff in videogames' disputes:
Since videogames are interactive, which makes player choice at least possible(if the developer doesn't force you onto rails), the existence of bad, even (literally) atrocious, things in the game can actually make it more morally salient, and more effectively challenge the player's "hehe, violence is lulz!" approach.
Just by way of example: in Fallout games pre-Bethesda(so everything before Fallout 3), you could kill children. In Fallout 3 and later there are some children but they are invulnerable and can only be talked to. However, your character's options, and likely his survival, strongly depended on the attitudes and cooperation of NPCs in the gameworld. You were free to kill kids; but (surprise surprise) most of the decent-human-being NPCs strongly disapproved, to the point of overtly refusing to deal with you and/or trying to kill you.
The option to kill children didn't really make it a 'sick child murder simulator!!!'. You could do it; but you paid a high, and fairly plausible and realistic, price: nobody wants to associate with, or assist, the sort of sick fuck who does that, and so you probably died in the wasteland. Fallout 3 and later just whitewashed that moral choice, and it wasn't even possible to commit that particular crime or pay its penalty.
This doesn't mean that any game with grotesque transgressions is a veritable font of moral wisdom, it'd be pretty trivial(and isn't uncommon) to have games that gleefully glorify (sometimes even without much ironic detachment) various sorts of mayhem; but it really ought to be remembered that one of the powerful, and morally relevant, possibilities of an interactive medium is to have all manner of choices, good, bad, indifferent, downright depraved, be available; but have the gameworld respond appropriately.
(Dishonored did a pretty good job with this one, I thought, even for its poor generic-guard-mooks: it was typically easier to kill them than to evade or stun them; but you knew that the poor bastards were just city guards, who thought you'd assassinated the empress, doing their jobs. How many could you justify killing 'for the mission'? 'Just because it was easier'? 'For fun'? Depending on that number, the NPCs you interacted with, and the city itself, would change its own tone. You could play 'clean', you could leave a trail of bodies for the plague rats; but the consequences would be felt.)
Do people actually take the ESRB seriously?
Thankfully, just seriously enough. Actually change the games they play? Hahaha, no. So far largely successfully avoid any actually-binding regulation of game content in favor of fairly toothless 'self regulating' ratings entity? Yes. (Yeah, such legislation would almost definitely be unconstitutional; but some sort of legalist slurry, similar to the one that made 'obscenity' mysterious-but-constitutionally-unprotected, would almost certainly have been emitted and might well have worked.)
"Unsupported"? As in "Just like pretty much any version that isn't Professional or Enterprise with a sufficiently large yearly spend by your organization that we'll actually have an engineer take your phone calls"?
This isn't exclusive to Microsoft; but it certainly includes them: Except in the occasional case of some indie hero/martyr; or heroically expensive software priced like it includes hours of a technical expert's time because it in fact does, software isn't really 'supported'. If you are reasonably lucky and persistent, an issue with some mass market shrinkwrap software might get examined, because of the risk that it will affect enough other customers; but you didn't pay enough(and your bug report probably wasn't informative enough) to be worth the trouble alone. On the other side of the coin, the guy who paid nothing certainly didn't pay enough, and his cracked copy probably isn't treated as representative; but he'll get as patched as you do, in the end.
Software support is hardly valueless(indeed, some companies sell little else, either because their product is FOSS or because it's some ERP-stem-cell-line capable of anything but fit for nothing without months or years of customization); but it is something that you can live with only indirect access to(if the Dell XYZ runs Win10 so that they can sell it to corporate customers with Software Assurance that probably means the drivers will work just fine for me, and if they don't enough of the real customers will run into similar issues that it might get fixed); and it is something that you already almost entirely don't get for your $60 game or $100 OS.
If 'unsupported' is the only defect of the pirate version; that effectively means that home and small business SKUs are now priced at $0.
If the NSA does not already have access to Cisco's obfuscated address system, then they are not doing their job.
It doesn't help that the list of addresses that would totally be plausible recipients of an order of big, fancy, networking gear is markedly smaller than the list of addresses.
Even if you ruled out cracking Cisco(which the NSA obviously wouldn't), bulk characterization of addresses by demographic is something that those sleazy abhumans in 'direct mail marketing' have been doing since before 'spammer' was even a term. Purely by collating publicly available information(or just hiring one of the existing data brokers do do it for them, since they offer exactly such services), it should be fairly easy to flag packages leaving Cisco for destinations that seem implausible in terms of expected demand for networking gear or ability to pay for it.
There's also the issue, for Cisco, that drop sites in active use by their actual owners will be a bit of a customer service headache; but drop sites 'clandestinely' controlled by those 'sensitive' customers may or may not be as secret as the customers think, and random abandoned buildings aren't exactly ideal storage and transfer locations for expensive and moderately delicate shipments.
Cisco also has the disadvantage that, if a shipment crosses borders, certain sorts of obfuscation with tax or export regulation implications potentially become legally risky (which a state adversary might well have fun with) and Cisco, because of their ongoing battle with clone components and grey market stuff, has a competing incentive to avoid throwing more mystery into their supply chain or compromising their cooperation with customs enforcement agencies and anti-counterfeiting law enforcement types. That isn't going to get any easier if there is supposed to be a 'Cisco-blessed' underground channel alongside the usual seedy resellers and dodgy discount hardware.
They don't really have any alternative, if they want to keep customers who aren't pen pals with Uncle Sam; but their ability to talk the talk may well exceed their ability to act on it.
A crawlspace might actually be more pleasant: there will be moisture and dust; but the outside environment doesn't have any substantial sources of the 'tar' stuff in cigarette smoke buildup that is so brutally good at turning mere dust and fuzz into a sticky mess that you really want to break out the solvents to deal with.
The outdoors certainly isn't ideal(in particular, condensation inside HDDs will kill them right quick, should it happen; but on a concrete slab under a house it'll be mostly whatever dirt/dust is light enough to stay airborne, plus condensation at certain times of day.
If I were in the questioner's shoes, I'd do it one of two(maybe three) ways:
Option 1: Get out the checkbook and call an industrial vendor. I'm most familiar with Logic Supply; but there are others, no specific endorsement, etc. They have, and will be happy to sell, hardware fast enough to do HTPC stuff(not really a very high bar to clear, even Intel Integrated graphics does H.264 decode in hardware, so it's just not very hard); and it's all sealed, fanless, classy.
Option 2: Option 1; but DIY: pick low-power parts, a big aluminum chassis with a nice chunky amplifier heatsink attached, thermal paste everything you can to the chassis, hope for the best. Cheaper, not as good; unless you put some real time and craftsmanship into it; but cheap is cheap, no?
Option 3: Expendable: Circuit boards can take a bit of exposure to dust and water, heatsinks and fans can handle some clogging if you over-spec the cooling a bit, cheap hardware is good enough for HTPC use so if you need to replace some it isn't a huge catastrophe:
Just for your sake(the computer won't much care) go for an aluminum case and brass or nylon standoffs, screws, etc. cheap stamped steel can and will rust, and cutting yourself on rusty metal is no fun. Choose a heat sink with widely spaced fins(big fibers will still get caught, smaller ones and dust will pass through). Over-spec the cooling a bit, to allow for degradation: big, slow fans are best. Condensation? Try to keep important boards vertical so that it doesn't pool anywhere. Yeah, it'll die; but based on the systems I've seen living through all sorts of hell, odds are good that it will take a while.
(The only exception, and the real problem if he wants to put his storage array outside, is that HDDs are touchy enough under controlled conditions, a pain in the ass to swap out, especially if you have to grovel into the crawl space, and are unlikely to like moisture. A little boot SSD for your HTPC to run from and access network storage? Sure. Your big RAID array? Outside? Are you Joking? That will hurt.)
Or a certain amount of expendability(I suppose that that is arguably a 'military grade spec' in many contexts).
It is repulsive how nasty a computer can get and, on average, keep right on ticking. Even in polite office environments, they fill with that wonderful grey IT dust over the course of a few years. In the non-air-conditioned houses of heavy smokers, it's a great deal worse and they still tend to survive.
Military or industrial grade stuff, with shock mounts and fanless sealed cases and actual ratings against ingress under power-wash conditions and so on are great if you have really important stuff riding on the continued function of a given computer in a harsh environment; but if it is largely a matter of convenience you might well be surprised how long a more or less entirely normal PC holds out(and, unless you are really overdoing the specs for an HTPC, it may well be cheaper to replace it a few times than buy the hardened version once).