A feature I've really been missing in automobiles is a mechanism whereby the ignition, steering, gas, and brake can be remotely disabled. Especially when that same mechanism can ensure that I'm hopelessly trapped inside the car the whole time.
Nope, can't possibly see how that could ever go wrong.
But being aggressively anti-union and using your control over an economic behemoth to keep salaries down and workers firmly under your thumb... that's not bullying at all, right?
For thirty nine years I lived in a place that gets the same (or less, depending on the source) amount of sunny days per year as Seattle.
Two years ago I realized that the only things keeping me there were in my head. So I relocated to a place that has double that number and I've found it to be an absolutely wonderful change and wish I'd done it decades ago.
First, some comedian said a while back: "When I'm driving, I hate pedestrians. And when I'm walking, I hate drivers. But no matter what I'm doing, I hate cyclists."
On the other hand, I've been commuting almost entirely on an electric bike for the last year and a half. Knowing what I've hated about cyclists for decades, I scrupulously stop at stop signs and red lights and use hand signals.
On the rare occasions when I take my car, it's always 25-45 minutes depending on traffic. On my bike I can cover the same four miles in 15-24 minutes, at times zooming right by 2-3 blocks worth of stopped cars.
In general, these days I avoid taking my car anywhere. Electric bike is usually faster and always way more fun.
I was shopping for an iphone 6s a few months back and it was basically impossible to find a used one that I could be certain wasn't a half-assed refurb.
Ended up getting one from what looked like a reliable seller and it was bizarre. It weighed less than a supposedly identical model that I'd purchased new some years ago, the screen was decidedly yellow, and the touch interface was somewhere between laggy and nonresponsive.
Over th eyears I've bought a number of refurbished apple products directly from apple and have been satisfied with all of them.
But it genuinely does damage Apple's brand to have unauthorized hacks slapping knock-off replacement bits in things and calling them 'refurbished'.
Oh, what a brave new world, that has uniquely shaped plastic headlights for every model of car on the road, that cost hundreds of dollars each to replace and throw light in shitty to moderately ok patterns until the plastic yellows and hazes up with age.
A strong argument against our government agencies actively backdooring stuff (cisco hardware, AES, key escrow, etc) and passively maintaining an arsenal of zero day exploits is that these things will be leaked or discovered independently and used by adversarial states against our companies and citizens.
It's happened a bunch.
Now some companies catch China doing it. They protect themselves, turn over the details to three-letter-agencies, and deny it ever happened so that the exploit can be added to the national arsenal of weaponized vulnerabilities.
So if I want a domain name for a business (I do) and that domain is currently owned by a squatter (it is) and that squatter wants $2k for it (he does)...
I can just register trademark the name and force it to be transferred to me without compensating the troll?
While walking along in desert sand, you suddenly look down and see a tortoise crawling toward you. You reach down and flip it over onto its back. The tortoise lies there, its belly baking in the hot sun, beating its legs, trying to turn itself over, but it cannot do so without your help.
Do you make decisions solely based on what's directly in front of your bumper?
Or do you make decisions drawing from years of experience driving cars and what you see to either side and in the rearview mirror and your side mirrors and what you see further down the road and, dare I say it, common sense?
Because it's impossible to have arbitrary code execution vulnerability in rendering software, and nor has anyone in history ever chained exploits together to achieve a desired outcome?
So they're targeting the non-SSL versions of services.
And SNMP being included is somehow a mystery? If you were the sort who wanted illicit access to people's systems, networks, and communications why wouldn't you want to also catch their SNMP strings? It's notoriously insecure yet shockingly common; a great way to dig deeper into a compromised site.
From "do no evil" to adopting MicroSoft's Embrace, Extend, Extinguish strategy.
They proved it works with their handling of RSS and now they're moving on to "extending" the web where people can either comply with Google insinuating itself as the main (or sole) arbiter of identity or else get de-ranked in search results.
For a while now, you connect to a web site and the site then loads its own libraries and executable code, as well as libraries and executable code from any number (I've seen 30+) of third party sites.
You basically have no chance of understanding what's being done with your resources or to your machine (or your personal information) if you're letting sites run javascript on your machine.
You can mitigate this somewhat with plugins like noscript, but you'll still need to manually whitelist most of the sites you visit and then painstakingly reenable third party sites and reload until the site you're trying to run actually works. And now that I use the term here, "site" isn't even applicable anymore as you're not going to a place so much as inviting a bunch of unknown coders into your own house to do who-knows-what with your information, tools, and resources.
Slashdot Mirror
Because they're an e-biker and have read the law?
https://peopleforbikes.org/blo...
https://bayareabicyclelaw.com/...
A feature I've really been missing in automobiles is a mechanism whereby the ignition, steering, gas, and brake can be remotely disabled. Especially when that same mechanism can ensure that I'm hopelessly trapped inside the car the whole time.
Nope, can't possibly see how that could ever go wrong.
But being aggressively anti-union and using your control over an economic behemoth to keep salaries down and workers firmly under your thumb... that's not bullying at all, right?
What's keeping you where the weather sucks?
For thirty nine years I lived in a place that gets the same (or less, depending on the source) amount of sunny days per year as Seattle.
Two years ago I realized that the only things keeping me there were in my head. So I relocated to a place that has double that number and I've found it to be an absolutely wonderful change and wish I'd done it decades ago.
I'm of two minds on this.
First, some comedian said a while back: "When I'm driving, I hate pedestrians. And when I'm walking, I hate drivers. But no matter what I'm doing, I hate cyclists."
On the other hand, I've been commuting almost entirely on an electric bike for the last year and a half. Knowing what I've hated about cyclists for decades, I scrupulously stop at stop signs and red lights and use hand signals.
On the rare occasions when I take my car, it's always 25-45 minutes depending on traffic. On my bike I can cover the same four miles in 15-24 minutes, at times zooming right by 2-3 blocks worth of stopped cars.
In general, these days I avoid taking my car anywhere. Electric bike is usually faster and always way more fun.
I'm actually happy to see this.
I was shopping for an iphone 6s a few months back and it was basically impossible to find a used one that I could be certain wasn't a half-assed refurb.
Ended up getting one from what looked like a reliable seller and it was bizarre. It weighed less than a supposedly identical model that I'd purchased new some years ago, the screen was decidedly yellow, and the touch interface was somewhere between laggy and nonresponsive.
Over th eyears I've bought a number of refurbished apple products directly from apple and have been satisfied with all of them.
But it genuinely does damage Apple's brand to have unauthorized hacks slapping knock-off replacement bits in things and calling them 'refurbished'.
I see we're well into the "extend" phase now.
Oh, what a brave new world, that has uniquely shaped plastic headlights for every model of car on the road, that cost hundreds of dollars each to replace and throw light in shitty to moderately ok patterns until the plastic yellows and hazes up with age.
And what about the folks whose success and bonuses are measured by units shipped? :-)
You must be new here... Why sell one significantly upgraded product when you can sell two incremental upgrades instead?
A strong argument against our government agencies actively backdooring stuff (cisco hardware, AES, key escrow, etc) and passively maintaining an arsenal of zero day exploits is that these things will be leaked or discovered independently and used by adversarial states against our companies and citizens.
It's happened a bunch.
Now some companies catch China doing it. They protect themselves, turn over the details to three-letter-agencies, and deny it ever happened so that the exploit can be added to the national arsenal of weaponized vulnerabilities.
Good times.
Would they re-invent WINE or become contributors to it?
Wait, what?
Help me understand this.
So if I want a domain name for a business (I do) and that domain is currently owned by a squatter (it is) and that squatter wants $2k for it (he does)...
I can just register trademark the name and force it to be transferred to me without compensating the troll?
While walking along in desert sand, you suddenly look down and see a tortoise crawling toward you. You reach down and flip it over onto its back. The tortoise lies there, its belly baking in the hot sun, beating its legs, trying to turn itself over, but it cannot do so without your help.
You are not helping.
Why?
You're driving a car down the road.
Do you make decisions solely based on what's directly in front of your bumper?
Or do you make decisions drawing from years of experience driving cars and what you see to either side and in the rearview mirror and your side mirrors and what you see further down the road and, dare I say it, common sense?
Orly?
https://www.digitaltrends.com/...
Because it's impossible to have arbitrary code execution vulnerability in rendering software, and nor has anyone in history ever chained exploits together to achieve a desired outcome?
Oh, wait-
https://security.stackexchange...
And chaining vulnerabilities is very common.
What are the security implications of letting web sites run arbitrary code on your GPU?
I bet they're more significant than you're expecting.
https://lib.dr.iastate.edu/cgi...
https://ieeexplore.ieee.org/st...
So they're targeting the non-SSL versions of services.
And SNMP being included is somehow a mystery? If you were the sort who wanted illicit access to people's systems, networks, and communications why wouldn't you want to also catch their SNMP strings? It's notoriously insecure yet shockingly common; a great way to dig deeper into a compromised site.
Found the astroturfer.
From "do no evil" to adopting MicroSoft's Embrace, Extend, Extinguish strategy.
They proved it works with their handling of RSS and now they're moving on to "extending" the web where people can either comply with Google insinuating itself as the main (or sole) arbiter of identity or else get de-ranked in search results.
It's the end of the web as we know it.
Who peed in your Cheerios this morning?
No need for name calling, nor the straw man argument where you're attacking a nonsensical blanket statement that I didn't actually make.
But hey, if it makes you feel better... Happy Tuesday!
What people call this topic is a great indicator of how well they understand two things: the topic itself, and marketing.
People who have actual technical chops in the field tend to call it Computer Security, IT Security, or Information Security.
The clueless, and the people marketing to the clueless, call it Cyber Security.
Javascipt has pretty much ended that.
For a while now, you connect to a web site and the site then loads its own libraries and executable code, as well as libraries and executable code from any number (I've seen 30+) of third party sites.
You basically have no chance of understanding what's being done with your resources or to your machine (or your personal information) if you're letting sites run javascript on your machine.
You can mitigate this somewhat with plugins like noscript, but you'll still need to manually whitelist most of the sites you visit and then painstakingly reenable third party sites and reload until the site you're trying to run actually works. And now that I use the term here, "site" isn't even applicable anymore as you're not going to a place so much as inviting a bunch of unknown coders into your own house to do who-knows-what with your information, tools, and resources.
And no, it's not just a theoretical problem: https://blog.mozilla.org/secur...
Google's browser doesn't let you prevent Google from running background jobs on your machine?
I'm shocked. Shocked, I say. You should be entitled to a full refund of Chrome's purchase price.