Ummm... no. Flaws in Siemens' software (including exploiting default passwords in their package, and great difficulty in changing the passwords once deployed) were an important component in the worm's ability to insert the actual command codes into the industrial control systems. And if you'd have read TFA, you'd have seen that in 2008 Siemens met with Department of Homeland Security officials to go over the security of the SIEMATIC PCS 7 industrial control systems. The DHS had the most intimate knowledge of the weakness of Siemens' systems possible, having been asked to evaluate them for security flaws!
Given the sophistication of the worm, and the determination of the attackers, it's quite likely that it would have been written to infiltrate whatever systems they were running. Windows XP just happened to be very easy to target. But had it been a UNIX or Mac system, they would probably have found a way to get their malware installed anyway.
The *proper* response is work towards resolving the issues between two parties, and eliminating the chance of war.
What gave you the impression that actual, honest negotiations are even possible? Ahmadenijad needs the tension with Israel to stay in power. If he's not seen as the strongman leading the holy fight against the Jews who oppress their Palestinian brothers, then he'll become dogmeat, and the revolutionary guard will find someone else willing to play that role.
His job is to rattle sabers and blame Israel for all the ills his impoverished followers suffer. When the international pressure gets too high, he pretends to talk peace -- as long as it doesn't go too far. Once that's gone far enough, he then goes back to talk war to his own people, and as long as they don't actually do something so awful that would get them invaded by the U.S., he can play the vacillation game for a very long time.
For this, he is paid handsomely. A resolution of issues would put an end to his personal gravy train, and possibly his life. He won't let that happen.
Three years is a long time for an unpopular government run by radicals, thieves, and thugs. That's 10% of the lifetime of Iran's revolution. A lot could happen between now and then. Or perhaps nothing will change. But three more years of a bombless Iran can't be a bad thing.
So you're saying the solid boosters are not practical for the list of reasons you gave. That sounds fairly straight forward then: forget the SRBs. From what you wrote, it sounds like Congress even gave NASA the latitude to make that judgment.
Of course, this is Congress, and public contracts in the military-industrial complex, and NASA, and includes the whole nine yards of contractor politics. Morton Thiokol (if they are still the producers of the SRBs) are not going to roll over and let their cash cow product die without a fight. They'll ask their congressman to "defend jobs" in their district, and they'll file lawsuits, and they'll stir the pot at NASA, and do whatever else they can think of to keep SRBs flying.
And it's hard to blame somebody for wanting to defend their buggy whip business, especially when it really is rocket science. But if it's time to move on, then we have to. And NASA should be making that decision for scientific and economic reasons, not Congress, and not a lobbyist.
There is an old argument that public key cryptography is weaker than a private key system. In public key systems, one key is out there and inherently contains everything an attacker needs to decode a message. We rely on the security of the crypto system to ensure they can't do that.
I understand the point the argument is trying to make, although it's not valid. For example, we don't know if some secret elves in the basement of Ft. Meade have figured out a hyper-efficient method to factor large numbers, and are decrypting all RSA-based communications in real-time. We don't think anyone is doing that, and nobody's published a way to that, but none of that is proof that those methods don't exist.
What we do have is a large planet full of smart people, many of whom have devoted their lives looking for just that method, and they've been doing this for thousands of years, but none have found it. Yet.
If we're going to trust an unproven assumption to secure communications, the one that's been backed up with thousands of years of research seems to be a pretty good choice.
Contrast this to the SAME system where both keys are kept secret - the attacker now has zero information about the keys. It's a bit of weak argument, since we do rely completely on the cryptosystem, but being obscure on top of being effective does help a little bit.
And now you're mixing things up here, and we get to the root of the fallacy. If I encrypt eight characters of text with a Caesar cypher, and absolutely don't tell you the key is +3, it may be obscure but it's completely breakable. There is enough information in the encrypted message to derive the key. If I encrypt those same eight characters with DES, it's also breakable through a combination of brute force and cryptanalysis. There are optimizations to the attack that can reduce the search space from the apparent 56 bits of security. And once I've broken it, I know all 56 bits of your key. Ultimately the key information IS present in the secret key message, just like public key cryptography.
In other words, the argument is correct in its assertion that public key cryptography contains everything needed to decode the message and recover the key (assuming you can successfully attack the system), but the same flaw exists in secret key systems as well. They are inherently no more or less secure as a direct result of being secret-key based.
I was just trying to point out that the manufacturer's claims for "high security" were not backed up with any factual information, and that prior claims of "high security" for wireless communications by those in the industry (who should have known better) were later proven to be not-so-high and not-so-secure.
The blinking of fluorescent tubes is no faster than 120 Hz, as that's how often each zero crossing of the 60 Hz powerline frequency happens. I suspect the annoying visibly blinking fluorescent light fixtures have some flaw that makes them light up only on the half wave, at 60 Hz. 60 Hz is near, but certainly not beyond the upper limit of human perception. So yes, many people are going to be sensitive to certain fluorescent lights flickering.
These LED systems will be blinking the lights at rates fast enough to transfer data at 3,000,000 Hz. Even with all kinds of cool encoding schemes possible, they're still probably going to have to blink those lights at speeds in excess of 10,000 Hz, and probably faster. That's at least four orders of magnitude faster than any human's known sensitivity.
The chances are this light will be much more even and reliable than any fluorescent fixture can produce.
Transmitting the data through the air, you mean like WiFi and cell phones do all the time? Too bad we don't have a way to scramble the data in a way that makes its contents inaccessible unless someone has the "key"...
I assume you're suggesting they secure the data transmitted through the air scrambled with proven commercial protections like WEP, WPA-PSK, or were you thinking they might secure it with a product more widely used, like GSM?
Last month when I read the article about their system, they claimed it was a "highly secure solution." But they did did not reveal any technical details that said "we're using protocol x with algorithm y to secure communications." So for now, we know only that they claim their system is highly secure, but they've given us no basis for that claim.
Why "corrupt"? A defense lawyer's job is to refute the evidence that might implicate his client. Without legal representation, cops could jail whoever they want with impunity.
If the cops did use a home-built detector to find the cell phones, the prosecution could still introduce it by bringing out an expert witness who could attest to having thoroughly examined the detector, and found it to be fit for the job. But that would be difficult and expensive, and not nearly as sure to be accepted by a jury as a lab-grade receiver.
What courtrooms have done is to raise the standard of police work. Failure to protect and preserve evidence, not writing down notes from witnesses, all those things that might allow a crooked cop to harass someone he doesn't like, they're all reasons a jury might let a guy off. If you're going to be a cop, you need to be professional, or your success rate goes to hell. And if I were involved in such a situation, I'd sure want everyone involved to be taking it seriously.
They may be buying high quality or certified precision gear in order to meet guidelines for quality of evidence. I don't know how it would fly in Taiwan, but if the cops busted someone using your homebuilt buzzer device here in America, the first thing the defense lawyer would do is crap all over it. "Ladies and gentlemen of the jury, these bits of bubblegum and string were just wired together in a scare trick to get my client to falsely cooperate with this sham of an investigation. My client was victimized just to manipulate public opinion."
In an American court, the standard procedure is to enter a top-of-the-line scientific device as evidence, then bring in an engineer in a white lab coat to swear under oath that this device was properly calibrated according to factory specifications, and used according to published directions. Juries trust engineers in white lab coats.
It's sad, but whether or not your homebuilt device would work is almost irrelevant.
You were doing fine right up until you pulled that number out of your ass and segued into an anti-government rant. TFA doesn't say it cost 40k to do this.
TFA didn't have to quote a price. My estimate was based on publicly available information from the marketplace, and was certainly not "pulled out of my ass." My methods are very repeatable, and I suggest you replicate them yourself. I googled for "FSH4", then clicked "Shopping", then sorted by "price: high to low", figuring these units would float to the top of anything else numbered "FSH4", and they certainly did. New unit prices on the set of results ranged from $17,882.25 to $9,220.00, with a median of about $15,000. (The site with the $9,220 price included a "Pricing for U.S. customers only" warning.) I didn't figure they'd get them at the lowball price or at a significant discount, and I didn't figure they'd pay the top price either. The article did mention the manufacturer providing custom programming via "special order," but I did not add money to the estimate because if they were buying three from the manufacturer they may have received some custom work thrown in as part of the price.
And you should also note that I used the word "probably." It's not like I have access to the Taiwanese government's invoices, and could provide the exact figure. "Probably" can imply many things; in this case I placed $40,000 at the center of a rough bell curve of pricing. I think I'm within a standard deviation of how much an American company would pay, but I wouldn't say I have the same confidence in how much a Taiwanese police department would have spent.
Five minutes with Google provided enough data to get a reasonable estimate, and I did it the same way I start shopping for any expensive device.
Since these were purchased by the police, I suspect they may have other practical uses for them in mind. They probably weren't purchased only to catch a handful of cheaters, and then to be tossed aside. They may hope that a few public arrests will serve as deterrents for future cheaters, in which case this might be money well spent. They may plan to use them to detect other criminals. I don't know that, either. I just know that when I googled them I discovered these are some really expensive pieces of kit, and way out of my "casual hobbyist" range.
Wow, those R&S analyzers are some serious tools! I was just looking at frequency analyzers over at DealExtreme, where they have a dirt-cheap handheld model that sniffs out cellular frequencies for $60. Or they could have hung a cell jammer in the room for about a hundred. Or if they really thought they had to have the fancy gear, they probably could have hired in a contractor who would have sniffed around for maybe $300 per hour, and known what he was doing.
Was it was really worth the $40,000 they probably spent on them?
Oh, that's right. It's a government organization. Spending money is in their job description.
No, what Congress should be saying is "we need a vehicle that can place an 11,000 kg load in a 25,000 km orbit, it has to fly by 2015, we need 5 flights per year for the next ten years, ten of those flights will be manned missions to the ISS, and you have a budget of $6.5 billion." They can optionally say "and only build it in the USA", because the US economy is also in their jurisdiction.
Let NASA worry about reuse, booster tech, the number of stages, or if it's named Ares.
The parents are "underinformed" or "misinformed", not necessarily stupid. Sure, today we here know that the vaccine scare was bogus, but there are people who don't yet know that, and won't receive this update until it's too late.
Do the children deserve their fates because a clever trickster deceived their parents, and the parents haven't yet received the news that they were tricked?
It's not the kids who need to suffer and die. It's Wakefield who needs to be incarcerated for at least six counts of premeditated murder, and McCarthy who should be tried as his accomplice, and investigated for possible complicity in the fraud.
Obviously there are a lot more stupid, gullible, flaccid, short-penised, small-breasted, painkiller-addicted, bankrupt, acne-scarred, illegal immigrants than you realize.
The thing is they'd have to build a support infrastructure to support the PC world. Instructions for help staff, new menus in their IVRs, help files, etc. Application support is only a fraction of the work.
While all that may seem trivial on the surface, it's a ton of project management and detail work that takes a long time to pull together. They've done this before, so they know what it will take.
Most people... have become so accustomed to just selecting a name from the contacts list that they can't remember the number.
You're confusing the abstraction that is the number with the intent to talk to the person. When I pick up the phone, it's not because I want to talk to your phone, it's because I want to talk to the person listening on the other end. A phone number seems like an important thing only because they've been required for the last 80 years and we're too young to have known phones without them; before that time you simply picked up the phone and stated your intent, and the operator connected you to John. The number is a now-forced abstraction that gets in the way.
People made the same arguments about automatic transmissions. What will people do if they get in a car with a stick? How will people ever drive successfully if they don't learn to drive stick? The real meaning behind the question was always an implied "if we don't make people learn stick then just anyone can drive without putting in the effort of learning." But generations of automatic-only drivers have proven that assumption wrong. Today's automatic transmissions are better at saving fuel and shifting appropriately than most humans, and they apply the rules 100% of the time, not just when the (often poorly trained) driver is concentrating on shifting correctly.
These tech assistants are for "cars for most people." They're not there to appease NASCAR wannabees, or hypermilers, or street rods. They're about the application of technology to solve problems that real people constantly demonstrate - such an inability to focus 100% of the time on everything going on around them simultaneously, especially during times of high stress such as emergency situations or loss of control. It doesn't involve giving up the ability to drive. It means having technology help the driver do the right thing more often than they otherwise would.
Blind spots? Most can be avoided by using a simple shoulder check.
You just nailed it right there. We have to define "most". So does the average driver miss the car in the blind spot one out of a thousand times? One out of ten thousand? Did a motorcycle sneak in there from behind a semi two lanes over, or a low sports car, from between the time I checked over my shoulder and the time I start moving my vehicle over? My point is that any tech that increases the driver's success ratio will overall help reduce accidents.
Having the tech does NOT absolve you from driving the car. The tools assist you, they don't replace you. Before changing lanes, I do a shoulder check AND I check my mirrors, same as always. I don't rely on a dashboard needle to say "no cars in the blind spots." I still have to look. And every so often, there's a little yellow light in the mirror that says "hey, check again. Things changed."
It's the auto-dim that takes longer than I personally wait. Out of habit I dim my lights when I see the "corona" of the oncoming car approaching from the other side of the hill, or around the curve, and I don't wait to see the actual headlights. And it's not like the car misbehaves if I manually dim them; the car doesn't override me and try to turn them back on bright. I wouldn't have a problem with the car trying to auto dim them if I forgot, but the system just isn't as sensitive as I am so I can't trust it to be primary-decider-in-charge-of-headlight-brightness.
I guess I'm OK with the car automatically turning the lights on bright after having dimmed them, as it's never made the mistake in reverse and turned the high beams on in the face of oncoming traffic.
First, understand that Slashdot is only going to provide a hint of what you will be doing. Security is complex and easy to get wrong, and there's a whole lot of evidence of that in the news. If security is important to your company, you should invest in a CISSP to really help you get things set up in a fashion that the industry considers to be best practices. Until then, consider these few generic suggestions.
Multiple layers of security help ensure that nothing goes astray, or if it does that it's detected before too much damage is done. And separation of duties helps make sure that one rogue actor can't do it all by himself.
Separate the admin of the box from the admin of the data. The guy who holds the root PW doesn't have to be the same guy who holds the private key for the database.
Add off-the-box auditing to the actions of root. As soon as someone signs on as root, notification is sent to a different box of the originating IP and it's timestamped. Don't let your application sysadmin be the sysadmin of the audit box! And the auditor should investigate carefully any situations that are out of the ordinary. (This box fell off the network just before root logged on? That's an odd coincidence.)
Define expected behavior with policies. If you want to run a trustworthy ship, clearly stating who has access to do what with which systems eliminates confusion, and helps avoid where one sysadmin creeps over into other systems.
Ultimately, you've placed trust your admin to do a job, and you need to trust him or her to do that job. Somebody's got to be root. But they also have to know they'll be held accountable for what they do.
But that's why they should take time to play with the sensors, and to understand their lower limit thresholds. They can discover in advance that anything they see on an exposure darker than "X" is most likely due to the environment of the sensor, not of the light falling on it.
I wouldn't at all be surprised to see patterns in an all-black shot. JPEG quantization would be my first guess at an explanation. The proximity of my body heat to the sensor would be next, drafts in the camera body, humidity, static electricity, radon dust, manufacturing defects, CMOS noise, etc. There are dozens of natural phenomena that the sensor could be sensitive to in an all-black exposure.
The paranormal would always be last on my list, as I would tend to think I was missing the physical explanation before believing a metaphysical one was responsible.
Why can't the computer in your vehicle be communicating with the computers in the vehicles around it? There is no reason that a sufficiently advanced program couldn't anticipate such a scenario and avoid it altogether.
Are you going to trust the computer in the car in front of you? That looks like one of those flaky Moldavian cars, and everyone knows they have bugs. Or what about the guy with the laptop and all the antennas protruding from his roof and a pair of wireshark and ubuntu logos jauntily jeering at you from his bumper stickers? Do you trust all the signals your car is receiving now?
Google has been quietly testing self-driving cars on real California roads in real California traffic, from Mountain View to Santa Monica, down the PCH, and through San Francisco. They've had seven instances where test cars logged over 1,000 real world miles with no human intervention. They've logged 140,000 total miles. That's more than a "carefully selected course." They did, however, send a driver in advance to drive the road with a video and data capturing vehicle in order to fully map the road prior to the autonomous tests. I understand they used a lot of CPU to pre-process data like identifying road signs, shoulders, curbs, trees, potholes, etc. Let's call it a "carefully mapped course".
There is no mention in the article if they specifically trusted the cars to autonomously handle emergency vehicles, children, or the turbulence of a semi, but I assume those are the scenarios where the trained test drivers assumed manual control before the car had the chance to get in trouble. Since safety is their primary goal, I don't think they are willing to risk placing an autonomous car in a real-world emergency situation that endangers non-consenting participants. In that respect I believe you are correct, and we can say the cars still are driving in primarily uneventful conditions.
No, you can't watch an in-dash movie unless the transmission is in park. Yes, you can yakk hands-free on the phone, and be distracted. Yes, you can dick around with the navigation system while driving (although you cannot enter text fields while the car is moving.) There are cup holders for everyone.
And like everyone who posts "my car is fine without all that crap", the same arguments can be made in reverse: you can yakk on a phone without having it built into the car. You can suction-cup a nav system to the windshield and dick around with it while you drive. You can hang a cup holder off the door handle and sip lattes at 70MPH. People can be as stupid as they possibly can, with or without the car enabling them.
I want them to have systems that will keep all of us out of as many accidents as possible.
Ummm... no. Flaws in Siemens' software (including exploiting default passwords in their package, and great difficulty in changing the passwords once deployed) were an important component in the worm's ability to insert the actual command codes into the industrial control systems. And if you'd have read TFA, you'd have seen that in 2008 Siemens met with Department of Homeland Security officials to go over the security of the SIEMATIC PCS 7 industrial control systems. The DHS had the most intimate knowledge of the weakness of Siemens' systems possible, having been asked to evaluate them for security flaws!
Given the sophistication of the worm, and the determination of the attackers, it's quite likely that it would have been written to infiltrate whatever systems they were running. Windows XP just happened to be very easy to target. But had it been a UNIX or Mac system, they would probably have found a way to get their malware installed anyway.
The *proper* response is work towards resolving the issues between two parties, and eliminating the chance of war.
What gave you the impression that actual, honest negotiations are even possible? Ahmadenijad needs the tension with Israel to stay in power. If he's not seen as the strongman leading the holy fight against the Jews who oppress their Palestinian brothers, then he'll become dogmeat, and the revolutionary guard will find someone else willing to play that role.
His job is to rattle sabers and blame Israel for all the ills his impoverished followers suffer. When the international pressure gets too high, he pretends to talk peace -- as long as it doesn't go too far. Once that's gone far enough, he then goes back to talk war to his own people, and as long as they don't actually do something so awful that would get them invaded by the U.S., he can play the vacillation game for a very long time.
For this, he is paid handsomely. A resolution of issues would put an end to his personal gravy train, and possibly his life. He won't let that happen.
Three years is a long time for an unpopular government run by radicals, thieves, and thugs. That's 10% of the lifetime of Iran's revolution. A lot could happen between now and then. Or perhaps nothing will change. But three more years of a bombless Iran can't be a bad thing.
So you're saying the solid boosters are not practical for the list of reasons you gave. That sounds fairly straight forward then: forget the SRBs. From what you wrote, it sounds like Congress even gave NASA the latitude to make that judgment.
Of course, this is Congress, and public contracts in the military-industrial complex, and NASA, and includes the whole nine yards of contractor politics. Morton Thiokol (if they are still the producers of the SRBs) are not going to roll over and let their cash cow product die without a fight. They'll ask their congressman to "defend jobs" in their district, and they'll file lawsuits, and they'll stir the pot at NASA, and do whatever else they can think of to keep SRBs flying.
And it's hard to blame somebody for wanting to defend their buggy whip business, especially when it really is rocket science. But if it's time to move on, then we have to. And NASA should be making that decision for scientific and economic reasons, not Congress, and not a lobbyist.
Neighborhood "kids"? My son built me a cantenna for Christmas. Best gift EVAR!
As an aside, you wouldn't happen to own an access point with the SSID of quest2468, would you? Just asking, no special reason. :-)
There is an old argument that public key cryptography is weaker than a private key system. In public key systems, one key is out there and inherently contains everything an attacker needs to decode a message. We rely on the security of the crypto system to ensure they can't do that.
I understand the point the argument is trying to make, although it's not valid. For example, we don't know if some secret elves in the basement of Ft. Meade have figured out a hyper-efficient method to factor large numbers, and are decrypting all RSA-based communications in real-time. We don't think anyone is doing that, and nobody's published a way to that, but none of that is proof that those methods don't exist.
What we do have is a large planet full of smart people, many of whom have devoted their lives looking for just that method, and they've been doing this for thousands of years, but none have found it. Yet.
If we're going to trust an unproven assumption to secure communications, the one that's been backed up with thousands of years of research seems to be a pretty good choice.
Contrast this to the SAME system where both keys are kept secret - the attacker now has zero information about the keys. It's a bit of weak argument, since we do rely completely on the cryptosystem, but being obscure on top of being effective does help a little bit.
And now you're mixing things up here, and we get to the root of the fallacy. If I encrypt eight characters of text with a Caesar cypher, and absolutely don't tell you the key is +3, it may be obscure but it's completely breakable. There is enough information in the encrypted message to derive the key. If I encrypt those same eight characters with DES, it's also breakable through a combination of brute force and cryptanalysis. There are optimizations to the attack that can reduce the search space from the apparent 56 bits of security. And once I've broken it, I know all 56 bits of your key. Ultimately the key information IS present in the secret key message, just like public key cryptography.
In other words, the argument is correct in its assertion that public key cryptography contains everything needed to decode the message and recover the key (assuming you can successfully attack the system), but the same flaw exists in secret key systems as well. They are inherently no more or less secure as a direct result of being secret-key based.
I was just trying to point out that the manufacturer's claims for "high security" were not backed up with any factual information, and that prior claims of "high security" for wireless communications by those in the industry (who should have known better) were later proven to be not-so-high and not-so-secure.
The blinking of fluorescent tubes is no faster than 120 Hz, as that's how often each zero crossing of the 60 Hz powerline frequency happens. I suspect the annoying visibly blinking fluorescent light fixtures have some flaw that makes them light up only on the half wave, at 60 Hz. 60 Hz is near, but certainly not beyond the upper limit of human perception. So yes, many people are going to be sensitive to certain fluorescent lights flickering.
These LED systems will be blinking the lights at rates fast enough to transfer data at 3,000,000 Hz. Even with all kinds of cool encoding schemes possible, they're still probably going to have to blink those lights at speeds in excess of 10,000 Hz, and probably faster. That's at least four orders of magnitude faster than any human's known sensitivity.
The chances are this light will be much more even and reliable than any fluorescent fixture can produce.
Transmitting the data through the air, you mean like WiFi and cell phones do all the time? Too bad we don't have a way to scramble the data in a way that makes its contents inaccessible unless someone has the "key"...
I assume you're suggesting they secure the data transmitted through the air scrambled with proven commercial protections like WEP, WPA-PSK, or were you thinking they might secure it with a product more widely used, like GSM?
Last month when I read the article about their system, they claimed it was a "highly secure solution." But they did did not reveal any technical details that said "we're using protocol x with algorithm y to secure communications." So for now, we know only that they claim their system is highly secure, but they've given us no basis for that claim.
Why "corrupt"? A defense lawyer's job is to refute the evidence that might implicate his client. Without legal representation, cops could jail whoever they want with impunity.
If the cops did use a home-built detector to find the cell phones, the prosecution could still introduce it by bringing out an expert witness who could attest to having thoroughly examined the detector, and found it to be fit for the job. But that would be difficult and expensive, and not nearly as sure to be accepted by a jury as a lab-grade receiver.
What courtrooms have done is to raise the standard of police work. Failure to protect and preserve evidence, not writing down notes from witnesses, all those things that might allow a crooked cop to harass someone he doesn't like, they're all reasons a jury might let a guy off. If you're going to be a cop, you need to be professional, or your success rate goes to hell. And if I were involved in such a situation, I'd sure want everyone involved to be taking it seriously.
They may be buying high quality or certified precision gear in order to meet guidelines for quality of evidence. I don't know how it would fly in Taiwan, but if the cops busted someone using your homebuilt buzzer device here in America, the first thing the defense lawyer would do is crap all over it. "Ladies and gentlemen of the jury, these bits of bubblegum and string were just wired together in a scare trick to get my client to falsely cooperate with this sham of an investigation. My client was victimized just to manipulate public opinion."
In an American court, the standard procedure is to enter a top-of-the-line scientific device as evidence, then bring in an engineer in a white lab coat to swear under oath that this device was properly calibrated according to factory specifications, and used according to published directions. Juries trust engineers in white lab coats.
It's sad, but whether or not your homebuilt device would work is almost irrelevant.
You were doing fine right up until you pulled that number out of your ass and segued into an anti-government rant. TFA doesn't say it cost 40k to do this.
TFA didn't have to quote a price. My estimate was based on publicly available information from the marketplace, and was certainly not "pulled out of my ass." My methods are very repeatable, and I suggest you replicate them yourself. I googled for "FSH4", then clicked "Shopping", then sorted by "price: high to low", figuring these units would float to the top of anything else numbered "FSH4", and they certainly did. New unit prices on the set of results ranged from $17,882.25 to $9,220.00, with a median of about $15,000. (The site with the $9,220 price included a "Pricing for U.S. customers only" warning.) I didn't figure they'd get them at the lowball price or at a significant discount, and I didn't figure they'd pay the top price either. The article did mention the manufacturer providing custom programming via "special order," but I did not add money to the estimate because if they were buying three from the manufacturer they may have received some custom work thrown in as part of the price.
And you should also note that I used the word "probably." It's not like I have access to the Taiwanese government's invoices, and could provide the exact figure. "Probably" can imply many things; in this case I placed $40,000 at the center of a rough bell curve of pricing. I think I'm within a standard deviation of how much an American company would pay, but I wouldn't say I have the same confidence in how much a Taiwanese police department would have spent.
Five minutes with Google provided enough data to get a reasonable estimate, and I did it the same way I start shopping for any expensive device.
Since these were purchased by the police, I suspect they may have other practical uses for them in mind. They probably weren't purchased only to catch a handful of cheaters, and then to be tossed aside. They may hope that a few public arrests will serve as deterrents for future cheaters, in which case this might be money well spent. They may plan to use them to detect other criminals. I don't know that, either. I just know that when I googled them I discovered these are some really expensive pieces of kit, and way out of my "casual hobbyist" range.
Wow, those R&S analyzers are some serious tools! I was just looking at frequency analyzers over at DealExtreme, where they have a dirt-cheap handheld model that sniffs out cellular frequencies for $60. Or they could have hung a cell jammer in the room for about a hundred. Or if they really thought they had to have the fancy gear, they probably could have hired in a contractor who would have sniffed around for maybe $300 per hour, and known what he was doing.
Was it was really worth the $40,000 they probably spent on them?
Oh, that's right. It's a government organization. Spending money is in their job description.
No, what Congress should be saying is "we need a vehicle that can place an 11,000 kg load in a 25,000 km orbit, it has to fly by 2015, we need 5 flights per year for the next ten years, ten of those flights will be manned missions to the ISS, and you have a budget of $6.5 billion." They can optionally say "and only build it in the USA", because the US economy is also in their jurisdiction.
Let NASA worry about reuse, booster tech, the number of stages, or if it's named Ares.
The parents are "underinformed" or "misinformed", not necessarily stupid. Sure, today we here know that the vaccine scare was bogus, but there are people who don't yet know that, and won't receive this update until it's too late.
Do the children deserve their fates because a clever trickster deceived their parents, and the parents haven't yet received the news that they were tricked?
It's not the kids who need to suffer and die. It's Wakefield who needs to be incarcerated for at least six counts of premeditated murder, and McCarthy who should be tried as his accomplice, and investigated for possible complicity in the fraud.
So, who's buying?
Obviously there are a lot more stupid, gullible, flaccid, short-penised, small-breasted, painkiller-addicted, bankrupt, acne-scarred, illegal immigrants than you realize.
The thing is they'd have to build a support infrastructure to support the PC world. Instructions for help staff, new menus in their IVRs, help files, etc. Application support is only a fraction of the work.
While all that may seem trivial on the surface, it's a ton of project management and detail work that takes a long time to pull together. They've done this before, so they know what it will take.
Most people ... have become so accustomed to just selecting a name from the contacts list that they can't remember the number.
You're confusing the abstraction that is the number with the intent to talk to the person. When I pick up the phone, it's not because I want to talk to your phone, it's because I want to talk to the person listening on the other end. A phone number seems like an important thing only because they've been required for the last 80 years and we're too young to have known phones without them; before that time you simply picked up the phone and stated your intent, and the operator connected you to John. The number is a now-forced abstraction that gets in the way.
People made the same arguments about automatic transmissions. What will people do if they get in a car with a stick? How will people ever drive successfully if they don't learn to drive stick? The real meaning behind the question was always an implied "if we don't make people learn stick then just anyone can drive without putting in the effort of learning." But generations of automatic-only drivers have proven that assumption wrong. Today's automatic transmissions are better at saving fuel and shifting appropriately than most humans, and they apply the rules 100% of the time, not just when the (often poorly trained) driver is concentrating on shifting correctly.
These tech assistants are for "cars for most people." They're not there to appease NASCAR wannabees, or hypermilers, or street rods. They're about the application of technology to solve problems that real people constantly demonstrate - such an inability to focus 100% of the time on everything going on around them simultaneously, especially during times of high stress such as emergency situations or loss of control. It doesn't involve giving up the ability to drive. It means having technology help the driver do the right thing more often than they otherwise would.
Blind spots? Most can be avoided by using a simple shoulder check.
You just nailed it right there. We have to define "most". So does the average driver miss the car in the blind spot one out of a thousand times? One out of ten thousand? Did a motorcycle sneak in there from behind a semi two lanes over, or a low sports car, from between the time I checked over my shoulder and the time I start moving my vehicle over? My point is that any tech that increases the driver's success ratio will overall help reduce accidents.
Having the tech does NOT absolve you from driving the car. The tools assist you, they don't replace you. Before changing lanes, I do a shoulder check AND I check my mirrors, same as always. I don't rely on a dashboard needle to say "no cars in the blind spots." I still have to look. And every so often, there's a little yellow light in the mirror that says "hey, check again. Things changed."
It's the auto-dim that takes longer than I personally wait. Out of habit I dim my lights when I see the "corona" of the oncoming car approaching from the other side of the hill, or around the curve, and I don't wait to see the actual headlights. And it's not like the car misbehaves if I manually dim them; the car doesn't override me and try to turn them back on bright. I wouldn't have a problem with the car trying to auto dim them if I forgot, but the system just isn't as sensitive as I am so I can't trust it to be primary-decider-in-charge-of-headlight-brightness.
I guess I'm OK with the car automatically turning the lights on bright after having dimmed them, as it's never made the mistake in reverse and turned the high beams on in the face of oncoming traffic.
First, understand that Slashdot is only going to provide a hint of what you will be doing. Security is complex and easy to get wrong, and there's a whole lot of evidence of that in the news. If security is important to your company, you should invest in a CISSP to really help you get things set up in a fashion that the industry considers to be best practices. Until then, consider these few generic suggestions.
Multiple layers of security help ensure that nothing goes astray, or if it does that it's detected before too much damage is done. And separation of duties helps make sure that one rogue actor can't do it all by himself.
Separate the admin of the box from the admin of the data. The guy who holds the root PW doesn't have to be the same guy who holds the private key for the database.
Add off-the-box auditing to the actions of root. As soon as someone signs on as root, notification is sent to a different box of the originating IP and it's timestamped. Don't let your application sysadmin be the sysadmin of the audit box! And the auditor should investigate carefully any situations that are out of the ordinary. (This box fell off the network just before root logged on? That's an odd coincidence.)
Define expected behavior with policies. If you want to run a trustworthy ship, clearly stating who has access to do what with which systems eliminates confusion, and helps avoid where one sysadmin creeps over into other systems.
Ultimately, you've placed trust your admin to do a job, and you need to trust him or her to do that job. Somebody's got to be root. But they also have to know they'll be held accountable for what they do.
But that's why they should take time to play with the sensors, and to understand their lower limit thresholds. They can discover in advance that anything they see on an exposure darker than "X" is most likely due to the environment of the sensor, not of the light falling on it.
I wouldn't at all be surprised to see patterns in an all-black shot. JPEG quantization would be my first guess at an explanation. The proximity of my body heat to the sensor would be next, drafts in the camera body, humidity, static electricity, radon dust, manufacturing defects, CMOS noise, etc. There are dozens of natural phenomena that the sensor could be sensitive to in an all-black exposure.
The paranormal would always be last on my list, as I would tend to think I was missing the physical explanation before believing a metaphysical one was responsible.
Why can't the computer in your vehicle be communicating with the computers in the vehicles around it? There is no reason that a sufficiently advanced program couldn't anticipate such a scenario and avoid it altogether.
Are you going to trust the computer in the car in front of you? That looks like one of those flaky Moldavian cars, and everyone knows they have bugs. Or what about the guy with the laptop and all the antennas protruding from his roof and a pair of wireshark and ubuntu logos jauntily jeering at you from his bumper stickers? Do you trust all the signals your car is receiving now?
http://googleblog.blogspot.com/2010/10/what-were-driving-at.html
Google has been quietly testing self-driving cars on real California roads in real California traffic, from Mountain View to Santa Monica, down the PCH, and through San Francisco. They've had seven instances where test cars logged over 1,000 real world miles with no human intervention. They've logged 140,000 total miles. That's more than a "carefully selected course." They did, however, send a driver in advance to drive the road with a video and data capturing vehicle in order to fully map the road prior to the autonomous tests. I understand they used a lot of CPU to pre-process data like identifying road signs, shoulders, curbs, trees, potholes, etc. Let's call it a "carefully mapped course".
There is no mention in the article if they specifically trusted the cars to autonomously handle emergency vehicles, children, or the turbulence of a semi, but I assume those are the scenarios where the trained test drivers assumed manual control before the car had the chance to get in trouble. Since safety is their primary goal, I don't think they are willing to risk placing an autonomous car in a real-world emergency situation that endangers non-consenting participants. In that respect I believe you are correct, and we can say the cars still are driving in primarily uneventful conditions.
No, you can't watch an in-dash movie unless the transmission is in park. Yes, you can yakk hands-free on the phone, and be distracted. Yes, you can dick around with the navigation system while driving (although you cannot enter text fields while the car is moving.) There are cup holders for everyone.
And like everyone who posts "my car is fine without all that crap", the same arguments can be made in reverse: you can yakk on a phone without having it built into the car. You can suction-cup a nav system to the windshield and dick around with it while you drive. You can hang a cup holder off the door handle and sip lattes at 70MPH. People can be as stupid as they possibly can, with or without the car enabling them.
I want them to have systems that will keep all of us out of as many accidents as possible.