None of this matters unless it is actually happening to a significant extent. I could be persuaded by statistical evidence, but not by wishful thinking, no matter how often it is repeated.
because after they were shown that it could be done, they did nothing about it until this latest exploit threatened to make their failure general knowledge.
The Ars article contains nothing to support your assertion. On the other hand, the Cambridge group that originally discovered the flaw behind the exploit report that the industry did nothing between being alerted to the problem and the publication of their paper. Instead, it attempted to dismiss the problem as impractical to exploit, even though the Cambridge group demonstrated a practical attack, presented good empirical evidence that it was being exploited in the wild, and proposed mitigating measures.
One of the team members recently wrote "What we do know with confidence is that had the banks acted to close the vulnerability immediately after we notified them, these criminals would not have been able to commit this fraud."
We have to take the industry's word for it that they have now fixed the problem, and our confidence in that claim should be weighted by its previous proclivity to dissemble. Perhaps they have just fixed the liability shift part of the problem.
It is worse than that, because after they were shown that it could be done, they did nothing about it until this latest exploit threatened to make their failure general knowledge.
Why is it that the stupidest people always seem to be the ones making the decisions in matters of security?
It's like Moore's Law. It was never a law, merely an observation. It held true at the time, and for a surprisingly long time afterwards.
It still holds, generally speaking. The author of this article is mistaking his simplistic wishful thinking for insight.
As others have pointed out, it is not as if no-one thought of divide-and-conquer before, and there's nothing new in devops that would justify an expectation of different results.
Sooner or later, the author is going to rediscover the law of diminishing returns, and be saying "of course, you must have exceptionally competent people to make it work", as have all prior silver-bullet finders.
Jobs was no idiot, and if avoiding things that didn't work in his case while a bit of peaceful woowoo kept him from losing his mind while he was losing his body, I wouldn't hold it against him.
Except that when he chose this course of action, he wasn't seeking a peaceful end to his life, and he later reversed that choice and regretted not doing so sooner. http://www.forbes.com/sites/al...
Before ABS, people pumped their brakes manually in order to avoid locking the brakes. After ABS, people needed to learn to adjust how they brake.
What sort of driving changes will people need to make when getting behind the wheel of a car with automatic emergency braking?
An interesting question. My first thought was that people around here have already anticipated this development by not paying attention to the traffic around them.
But if we look ahead a few years, to when AEB systems are prevalent, we may find drivers who routinely run red lights and stop signs, taking advantage of AEB to make collision avoidance someone else's problem. It would be a classic example of the law of unintended consequences, and a warning of what is to come in the transition from human to automated driving.
The system responds to a set of inputs. It may be more complex than a single switch, but the function is little different than a power window that also has a lock to keep from being engaged
Hint: when you are making a pedantic argument, you really can't afford to slip in equivocal phrases like "little different."
Oh noes! The car is deciding for me whether a window can be engaged or not! Apparently checking to see if the brakes or window is locked before engaging is decision making now
Did it feel particularly clever of you to introduce 'lock' into the previous sentence, and then attempt to conflate it with the locking of a wheel? Unfortunately, that fails to avoid the central fallacy of your argument, which is a misidentification of who or what is making a decision (hint: a decision involves a choice between options.)
Hint: if you are attempting to ridicule someone, but you make a ridiculous extrapolation of their position and end up ridiculing that instead, the only one looking ridiculous is yourself. Jon Stewart made a career out of ridiculing people who did this.
Pumping the brake I applied is apparently decision making now.
Did you decide to pump the brakes? (hint: no.)
Do you have any idea how absurd you sound?
I have to admit that it is a bit silly spending any time replying.
It's not like I can't perform the same function without the ABS.
It's not like you can't perform emergency braking without AEB.
And as already demonstrated[sic], I can choose whether to engage the ABS by simply taking my foot off the brake and reapplying.
By then, as you have already 'demonstrated', the ABS has already made a decision and pumped the brakes.
Where is my disengage mechanism?
No, this line of thinking follows in the line of computers are magic, where a degree of complexity is apparently deciding for you. It's bunk, and is a red herring to the real question of the brakes being automatically applied as I swerve out of the way, and the car becomes uncontrollable. I see many lawsuits in the future.
If you had stuck to this position, you would have been making a useful (or at least arguable) contribution to the discussion. Hint: just because you have a valid position, it does not follow that any claim you make in its support automatically inherits that validity, or even makes sense.
Do you really want to go there?
I have no intention of following you into the hole you have dug for yourself. I will stay on the rim and maybe hand you a spade.
Following your line of logic, if you have electric windows, the car is deciding to open and close them, not you. If you have power brakes, the car is deciding to brake, not you.
His line of logic does not lead there as, unlike ABS, these systems have no decision making component.
I see there's a meandering channel-like feature at the 6 o'clock position that looks a bit like the ones that have people saying 'water?' when they see them on Mars...
> I'm guessing the receivers were incredibly permissive in how they treat incoming signals.
I would not be at all surprised, as this technology is, or was until recently, in development.
First making it work and then hardening it is not a bad strategy, as long as you actually do the latter - and it is a good idea to think about how you would do it before you need to.
Absolutely. I was thinking in terms of the popular fantasy of what having a flying car would be like, and one more reason why the reality could not be anything like that.
My guess is that automation of the flying of flying cars would be a simpler problem than the automation of road vehicles, but there are a host of more difficult problems to be solved before such a vehicle is feasible. One of them is noise.
For those of us who like to fly, the advent of flying cars would probably be the end of our hobby.
The cynic in me says that Pioneer is sitting on warehouses full of 780nm IR laser diodes (used in LaserDisc and Compact Disc players). Calling them "LIDAR components" will allow Pioneer to mark them up at year end.
I was wondering what, other than the laser, is common to the two applications, given that disk reading occurs at short range over a very narrow angle, and that the pattern being recognized is very simple. My slightly less cynical guess was that the promoters of this project within Pioneer are saying this to give it some superficial appeal to the bean-counters as a worthwhile investment, but I like your theory.
Slashdot Mirror
Even if that were true, it would not follow that closed-source code is necessarily insecure.
None of this matters unless it is actually happening to a significant extent. I could be persuaded by statistical evidence, but not by wishful thinking, no matter how often it is repeated.
I don't have the time or resources to verify the software of my car
I don't have the time or resources to replace a bad head gasket in my car. But I am not going to buy a car with the hood welded shut.
Many of the things you use are welded shut - integrated circuits, for example.
This is not addressed to you specifically, but to everyone who supports the proposition that open-sourcing is an important step in achieving security:
1) Did you make any use of OpenSSL before Heartbleed was made public? (if not, are you sure?)
2) If so, did you discover this vulnerability during your inspection of the code?
Do you trust yourself or your proprietary software vendor more? It can be a hard choice in some situations.
It's a Hobson's choice for me, as I don't have the time or resources to verify the software of my car, let alone those that I rent.
because after they were shown that it could be done, they did nothing about it until this latest exploit threatened to make their failure general knowledge.
Wrong. It was already fixed.
If you want a good, detailed look at the story, read it on Ars:
http://arstechnica.com/tech-po...
The Ars article contains nothing to support your assertion. On the other hand, the Cambridge group that originally discovered the flaw behind the exploit report that the industry did nothing between being alerted to the problem and the publication of their paper. Instead, it attempted to dismiss the problem as impractical to exploit, even though the Cambridge group demonstrated a practical attack, presented good empirical evidence that it was being exploited in the wild, and proposed mitigating measures.
One of the team members recently wrote "What we do know with confidence is that had the banks acted to close the vulnerability immediately after we notified them, these criminals would not have been able to commit this fraud."
We have to take the industry's word for it that they have now fixed the problem, and our confidence in that claim should be weighted by its previous proclivity to dissemble. Perhaps they have just fixed the liability shift part of the problem.
https://www.cl.cam.ac.uk/resea...
https://www.benthamsgaze.org/2...
It is worse than that, because after they were shown that it could be done, they did nothing about it until this latest exploit threatened to make their failure general knowledge.
Why is it that the stupidest people always seem to be the ones making the decisions in matters of security?
I don't know why, but security has been a problem every time a new class of device gains connectivity.
Robert Morris' internet worm got loose in 1988 - 27 years ago... WTF?
Glendower:
I can call spirits from the vasty deep.
Hotspur:
Why, so can I, or so can any man;
But will they come when you do call for them?
- Henry IV, Part 1
It's like Moore's Law. It was never a law, merely an observation. It held true at the time, and for a surprisingly long time afterwards.
It still holds, generally speaking. The author of this article is mistaking his simplistic wishful thinking for insight.
As others have pointed out, it is not as if no-one thought of divide-and-conquer before, and there's nothing new in devops that would justify an expectation of different results.
Sooner or later, the author is going to rediscover the law of diminishing returns, and be saying "of course, you must have exceptionally competent people to make it work", as have all prior silver-bullet finders.
Why is this even posted here? Extinction events are well documented, nothing new here...
To pick just one of many examples, security breaches are well documented.
The true purpose of chip cards is to transfer the cost of fraud away from the issuers.
There is an interesting discussion of Heisenberg's critical mass calculations here: https://www.mpiwg-berlin.mpg.d...
I am curious as to how this became a particularly British national science delusion.
Jobs was no idiot, and if avoiding things that didn't work in his case while a bit of peaceful woowoo kept him from losing his mind while he was losing his body, I wouldn't hold it against him.
Except that when he chose this course of action, he wasn't seeking a peaceful end to his life, and he later reversed that choice and regretted not doing so sooner.
http://www.forbes.com/sites/al...
The beliefs of the royals does not matter. Those of a potentially government-forming political party do.
Were vs Are
So the bit about "going back to Peter the Great" is irrelevant. And that bit was in the only sentence in smitty_one_each's post.
Before ABS, people pumped their brakes manually in order to avoid locking the brakes. After ABS, people needed to learn to adjust how they brake.
What sort of driving changes will people need to make when getting behind the wheel of a car with automatic emergency braking?
An interesting question. My first thought was that people around here have already anticipated this development by not paying attention to the traffic around them.
But if we look ahead a few years, to when AEB systems are prevalent, we may find drivers who routinely run red lights and stop signs, taking advantage of AEB to make collision avoidance someone else's problem. It would be a classic example of the law of unintended consequences, and a warning of what is to come in the transition from human to automated driving.
The system responds to a set of inputs. It may be more complex than a single switch, but the function is little different than a power window that also has a lock to keep from being engaged
Hint: when you are making a pedantic argument, you really can't afford to slip in equivocal phrases like "little different."
Oh noes! The car is deciding for me whether a window can be engaged or not! Apparently checking to see if the brakes or window is locked before engaging is decision making now
Did it feel particularly clever of you to introduce 'lock' into the previous sentence, and then attempt to conflate it with the locking of a wheel? Unfortunately, that fails to avoid the central fallacy of your argument, which is a misidentification of who or what is making a decision (hint: a decision involves a choice between options.)
Hint: if you are attempting to ridicule someone, but you make a ridiculous extrapolation of their position and end up ridiculing that instead, the only one looking ridiculous is yourself. Jon Stewart made a career out of ridiculing people who did this.
Pumping the brake I applied is apparently decision making now.
Did you decide to pump the brakes? (hint: no.)
Do you have any idea how absurd you sound?
I have to admit that it is a bit silly spending any time replying.
It's not like I can't perform the same function without the ABS.
It's not like you can't perform emergency braking without AEB.
And as already demonstrated[sic], I can choose whether to engage the ABS by simply taking my foot off the brake and reapplying.
By then, as you have already 'demonstrated', the ABS has already made a decision and pumped the brakes.
Where is my disengage mechanism?
No, this line of thinking follows in the line of computers are magic, where a degree of complexity is apparently deciding for you. It's bunk, and is a red herring to the real question of the brakes being automatically applied as I swerve out of the way, and the car becomes uncontrollable. I see many lawsuits in the future.
If you had stuck to this position, you would have been making a useful (or at least arguable) contribution to the discussion. Hint: just because you have a valid position, it does not follow that any claim you make in its support automatically inherits that validity, or even makes sense.
Do you really want to go there?
I have no intention of following you into the hole you have dug for yourself. I will stay on the rim and maybe hand you a spade.
Following your line of logic, if you have electric windows, the car is deciding to open and close them, not you. If you have power brakes, the car is deciding to brake, not you.
His line of logic does not lead there as, unlike ABS, these systems have no decision making component.
God you are dense.
In over 4 years my ABS has had to kick in a handful of times (it's damn obvious when it does) and I was glad that it did each time.
I am also glad that the ABS stepped in to override your choice of braking force and save your ass (and possibly the person in front of you, as well).
I see there's a meandering channel-like feature at the 6 o'clock position that looks a bit like the ones that have people saying 'water?' when they see them on Mars...
> I'm guessing the receivers were incredibly permissive in how they treat incoming signals.
I would not be at all surprised, as this technology is, or was until recently, in development.
First making it work and then hardening it is not a bad strategy, as long as you actually do the latter - and it is a good idea to think about how you would do it before you need to.
Absolutely. I was thinking in terms of the popular fantasy of what having a flying car would be like, and one more reason why the reality could not be anything like that.
My guess is that automation of the flying of flying cars would be a simpler problem than the automation of road vehicles, but there are a host of more difficult problems to be solved before such a vehicle is feasible. One of them is noise.
For those of us who like to fly, the advent of flying cars would probably be the end of our hobby.
The cynic in me says that Pioneer is sitting on warehouses full of 780nm IR laser diodes (used in LaserDisc and Compact Disc players).
Calling them "LIDAR components" will allow Pioneer to mark them up at year end.
I was wondering what, other than the laser, is common to the two applications, given that disk reading occurs at short range over a very narrow angle, and that the pattern being recognized is very simple. My slightly less cynical guess was that the promoters of this project within Pioneer are saying this to give it some superficial appeal to the bean-counters as a worthwhile investment, but I like your theory.