You don't seriously expect people to spend the day plowing through this without a summary, do you? Where's the abstract for this report, book, manifesto, or whatever it is?
...is somewhere along the line SOMEONE has to be trusted. That secure program that transfers files? How do you know it doesn't have a back door/hidden features? You audit that source code..do you trust the auditor? How do you know he's not in collusion with the programmer? Hmm, better get someone or someones to audit them. And so on.... Technical restrictions are good, but they're not the be-all. Technically, the best locked down systems aren't usable (any geezers here remember C2 [orange book] Windows NT 4 systems? Very secure (especially for NT in the day)...and wholly unusable).
His comments about securing ssh are just common sense and best practices (for once they coincide). As he pointed out, metal detectors would have caught the egress of the thumb drives. Just as locks on reinforced cockpit doors would have prevented 9/11, sometimes the low-tech scalable solution is the best solution.
The postmaster General is right, those 400 junk mailers are paying for the entire system. That letter you send once a year for $.50 doesn't even come close to paying the billions those junk mailers pay that provides the money the USPS needs to have 100K employees and a fleet of vehicles and planes that would dwarf some governments.
Yep, this. Look at this way: I can send a letter first class for what,.50cents (with forever stamps I don't remember what they cost now) clear across the country for less than the price of a candy bar. If the junk mailers effectively subsidize that...more power to them. I have a recycle bin to toss their shit into. Like spam and tv commercials there's some appeal to someone (just not to me).
Somehow I have the feeling that if a nuke detonates, that is powerful enough to produce an EMP that causes a blackout in the entire USA, the EMP will be low on the list of things to worry about. That is, assuming you survive the initial blast long enough to even realise there is a nation-wide blackout.
A ground-based/low altitude nuke will kill you, but not cause an EMP pulse. A very high altitude nuke will cause an EMP, and not give any radiation to the ground. While they're both fruit, it's apples and oranges.
"... when lawyers aren't kept on a short enough leash"
Here is a typical joke about lawyers in the United States: There was a terrible tragedy. A van carrying 5 lawyers went over a cliff. What was the tragedy? There was room for 1 more lawyer.
The common underlying feeling is that the legal profession in the U.S. is often out of control.
So the laws of supply and demand say that since the law schools are excreting so many of them the prices should be going down, right? Would that it would be true. Instead, they're uniquely positioned to create more work for themselves by chasing the harmless, the frivolous, and the inane...all which still have to be defended against...producing more work for other lawyers.
Sony puts a rootkit on a CD? Boycott. Apple tells you you're holding your iPhone wrong? Boycott.
Problem is it's nonsense. A boycott is the fiscal equivalence of silence. Your favorite restaurant changes the way they make ? Boycott is the equivalent of "go somewhere else." Well, that sucks. How about "tell the manager/owner you don't like the new recipe"? Try communicating that you're unhappy and why with them. Otherwise your absence means nothing. It's statistically lost in seasonal variance, for instance.
So, for this, send a letter to the company explaining your problem. Send them a "do not like" letter, basically. Boycott alone is meaningless.
The problem with that in this case is then you have a relationship with them by their standard and are then bound by their TOS.:-)
and they've done their best at tax avoidance depriving each country where they trade of valuable tax revenue
In violation of the law? No? Better change the laws then. I damn well take my mortgage deductions, etc, when I do my taxes. I owe that to me. If Apple (and all of the other companies....) take advantage of loopholes and other deductions it's because they owe that to their shareholders. Don't like it? Get the laws changed.
Umm, other than spouting a cliché, have you ever seen what PARC designed? No such thing as direct object manipulation (you clicked on an icon and then got a menu; you couldn't do anything with that icon. Couldn't drag it, move it, double-click it.). No hierarchal space, nothing analogous to QuickDraw, etc. I could go on...
Just because a buggy also had 4 wheels doesn't mean your BMW is much of a derivative.
"The company lists dozens of open source projects and components that it contributes code to: from the Apache web server"
And that, my friends, is what open source is all about. You use, you give code back.
The article title should really be "Apple's Spotty Record of Giving Monetarily To The Apache Foundation." To agree with that Apple should be giving them money is the moral equivalent of saying that users should have to pay to use Apache.
Mankind has been selectively breeding animals for favoured traits, including behaviour, for thousands of years. All we will need is cattle bred to come running up to any humans it sees, calling out eat me eat me.
And they can come up to our tables and tell us what cuts are particularly good, right?
What the summary fails to explain properly is that this vulnerability only works with permissions that are new when the device gets an OS update. Say you install an app and it asks for permission to use NFC, but your device's OS is old and doesn't support NFC (pre 4.0 I think). You install it anyway. Then you upgrade the OS and now it supports NFC. The app then gets the NFC permission without any further prompts or warning to the user.
That is certainly an issue, but not the huge gaping security flaw the summary makes it sound like. Apps can only ask for normal permissions that the OS offers, not bypass security or the sandbox. It's basically a UI issue.
Yeah, and since the carriers update Android devices so infrequently the threat exposure is more theoretical than practical.
Not in the United States mainstream media (CNN, broadcast networks, etc) and that's what matters since the US was really the only major player that cared at all about the Ukrainian invasion.
Distract the American people, and Russia knows that it can do anything it wants.
Slashdot Mirror
You don't seriously expect people to spend the day plowing through this without a summary, do you? Where's the abstract for this report, book, manifesto, or whatever it is?
The video game generation strikes again.
...is somewhere along the line SOMEONE has to be trusted. That secure program that transfers files? How do you know it doesn't have a back door/hidden features? You audit that source code..do you trust the auditor? How do you know he's not in collusion with the programmer? Hmm, better get someone or someones to audit them. And so on....
Technical restrictions are good, but they're not the be-all. Technically, the best locked down systems aren't usable (any geezers here remember C2 [orange book] Windows NT 4 systems? Very secure (especially for NT in the day)...and wholly unusable).
His comments about securing ssh are just common sense and best practices (for once they coincide). As he pointed out, metal detectors would have caught the egress of the thumb drives. Just as locks on reinforced cockpit doors would have prevented 9/11, sometimes the low-tech scalable solution is the best solution.
...maybe the predatory pricing has something to do with it. Cut the price more than a token 1-2% and then see what happens.
The postmaster General is right, those 400 junk mailers are paying for the entire system. That letter you send once a year for $.50 doesn't even come close to paying the billions those junk mailers pay that provides the money the USPS needs to have 100K employees and a fleet of vehicles and planes that would dwarf some governments.
Yep, this. Look at this way: I can send a letter first class for what, .50cents (with forever stamps I don't remember what they cost now) clear across the country for less than the price of a candy bar. If the junk mailers effectively subsidize that...more power to them. I have a recycle bin to toss their shit into. Like spam and tv commercials there's some appeal to someone (just not to me).
I only rent from amazon when something isn't on netflix, hbogo, iTunes, or amazon prime.
Sounds more like a reason not to buy in to the Apple/iOS ecosystem.
Please name me one phone other than the iPhone that works with Amazon streaming, be it pay-per-view or Prime.
Probably the upcoming Amazon phone of which this removal of in-app purchasing is part of the strategy for it.
Somehow I have the feeling that if a nuke detonates, that is powerful enough to produce an EMP that causes a blackout in the entire USA, the EMP will be low on the list of things to worry about. That is, assuming you survive the initial blast long enough to even realise there is a nation-wide blackout.
A ground-based/low altitude nuke will kill you, but not cause an EMP pulse. A very high altitude nuke will cause an EMP, and not give any radiation to the ground. While they're both fruit, it's apples and oranges.
http://en.wikipedia.org/wiki/O...
The degeneration of society seems to be pretty plausible. Kind of ties in with the "post-apocalyptic skills" thread of a few weeks ago.
"... when lawyers aren't kept on a short enough leash"
Here is a typical joke about lawyers in the United States: There was a terrible tragedy. A van carrying 5 lawyers went over a cliff. What was the tragedy? There was room for 1 more lawyer.
The common underlying feeling is that the legal profession in the U.S. is often out of control.
This is interesting: What country in the world has most lawyers per capita? Answer: The United States. There is one lawyer for every 265 Americans.
So the laws of supply and demand say that since the law schools are excreting so many of them the prices should be going down, right? Would that it would be true. Instead, they're uniquely positioned to create more work for themselves by chasing the harmless, the frivolous, and the inane...all which still have to be defended against...producing more work for other lawyers.
'nuf said.
That's the only way to get companies to stop doing shit like this. Hit them where it hurts...the bottom line.
$18 billion in annual sales.
Good fucking luck putting a dent in that bottom line. Or more to the point, finding enough consumers who actually give a shit.
'nuff said.
More the latter than the former. But I can do my part and sleep at night.
Don't buy their products. Boycott.
People keep suggesting things like this.
Sony puts a rootkit on a CD? Boycott. Apple tells you you're holding your iPhone wrong? Boycott.
Problem is it's nonsense. A boycott is the fiscal equivalence of silence. Your favorite restaurant changes the way they make ? Boycott is the equivalent of "go somewhere else." Well, that sucks. How about "tell the manager/owner you don't like the new recipe"? Try communicating that you're unhappy and why with them. Otherwise your absence means nothing. It's statistically lost in seasonal variance, for instance.
So, for this, send a letter to the company explaining your problem. Send them a "do not like" letter, basically. Boycott alone is meaningless.
The problem with that in this case is then you have a relationship with them by their standard and are then bound by their TOS. :-)
'nuf said.
That's the only way to get companies to stop doing shit like this. Hit them where it hurts...the bottom line.
...that Ukraine is there already!
and they've done their best at tax avoidance depriving each country where they trade of valuable tax revenue
In violation of the law? No? Better change the laws then. I damn well take my mortgage deductions, etc, when I do my taxes. I owe that to me. If Apple (and all of the other companies....) take advantage of loopholes and other deductions it's because they owe that to their shareholders. Don't like it? Get the laws changed.
LOL @ the car analogy also.
I think thats down to Xerox Parc, not Apple
Umm, other than spouting a cliché, have you ever seen what PARC designed? No such thing as direct object manipulation (you clicked on an icon and then got a menu; you couldn't do anything with that icon. Couldn't drag it, move it, double-click it.). No hierarchal space, nothing analogous to QuickDraw, etc. I could go on...
Just because a buggy also had 4 wheels doesn't mean your BMW is much of a derivative.
"The company lists dozens of open source projects and components that it contributes code to: from the Apache web server"
And that, my friends, is what open source is all about. You use, you give code back.
The article title should really be "Apple's Spotty Record of Giving Monetarily To The Apache Foundation." To agree with that Apple should be giving them money is the moral equivalent of saying that users should have to pay to use Apache.
What do you think would happen if hunting became deregulated? Game populations would disappear. .
Doesn't that depend on the nature of the catastrophe and how much population has been lost?
Mankind has been selectively breeding animals for favoured traits, including behaviour, for thousands of years. All we will need is cattle bred to come running up to any humans it sees, calling out eat me eat me.
And they can come up to our tables and tell us what cuts are particularly good, right?
I guess no one ever hunts in your world? Or will people just be going to the post-apocolyptic Safeway?
Knowing how to shoot and shoot well would be an invaluable skill.
I think your meds wore off.
Imagine out-Hunter S. Thompson'ing Hunter S. Thompson. This did.
What the summary fails to explain properly is that this vulnerability only works with permissions that are new when the device gets an OS update. Say you install an app and it asks for permission to use NFC, but your device's OS is old and doesn't support NFC (pre 4.0 I think). You install it anyway. Then you upgrade the OS and now it supports NFC. The app then gets the NFC permission without any further prompts or warning to the user.
That is certainly an issue, but not the huge gaping security flaw the summary makes it sound like. Apps can only ask for normal permissions that the OS offers, not bypass security or the sandbox. It's basically a UI issue.
Yeah, and since the carriers update Android devices so infrequently the threat exposure is more theoretical than practical.
'In an ensuing discussion with the reporter from the Associated Press, I called the technology "bitcom."'
If he had called it "bitcon" he'd have nailed it.
Not in the United States mainstream media (CNN, broadcast networks, etc) and that's what matters since the US was really the only major player that cared at all about the Ukrainian invasion.
Distract the American people, and Russia knows that it can do anything it wants.
Maskirovka.