the benefit of reporting bottoms up is you can see a list of your primary sources and work to clean up those sources. if you just get a tops down number, it doesn't provide any indications about how to start cleaning things up.
The other benefit is that you can really make up whatever numbers you want and schedule the spot checks on those days that match the paperwork. Oh wait... you need both low level reporting and overall monitoring to keep the low level reporting system honest and also to get the big picture when the low level reporting numbers don't add up.
Do the crime, do the time, that should be the end of it.
The West's obsession with adding people to lists, especially "sex offender registries" which make it nearly impossible to live in any city environment, really amounts to cruel and unusual punishment. If you're still supposedly a threat to society then you should still be in jail. If you're OK to be released from jail then you've paid your dues to society and you should regain all of your rights.
What about the victim's freedom of speech? If you have committed a crime against someone then don't they have a right to say that you committed a crime against them without being censored? Seems the real victim here is the truth.
Also, considering how life thrives even in hostile environments here on Earth, it's simply a mathematical impossibility that there are no other planets in the universe capable of supporting some kind of life.
That life has adapted to hostile environments doesn't mean that life originated in those same hostile environments. It could be that the conditions for creating life are very specific to a particular set of conditions or perhaps they are as flexible as you suggest.
Personally I find it inconceivably unlikely that the conditions necessary for life to begin would be limited to just a primordial Earth. Usually one instance in the natural world means that you will be able to find other instances when you look further.
But I think we do need more data since as far as I know we have very limited information about what specific conditions are necessary for biological processes to begin on a lifeless world in the first place and also very limited information about what the conditions of planets outside the solar system are and have been over their histories.
Given the limits of what we know it seems reasonable to just assume there are other planets with life based on the example of Earth and accept that we need a lot more data to narrow down the likely probability.
Kasich is next to last, Carson is in last and both are in single digits most of the time. Neither has any conceivable path to victory. They would need all of the top three candidates to suddenly drop out or have their support collapse... not reasonable to expect of three other leading candidates at this stage.
The dilemma applies more to Rubio and Cruz, both of whom have about equal support and are essentially tied for second place, but if either dropped out it would be close to conceivable that either could assume the lead. Kasich (and Carson) are a piece of that puzzle to help put another candidate over the top if they drop out, but as long as both Cruz and Rubio are still in it seems they will roughly split the vote at around 20 something percent each.
It would be interesting to see what the results would be if they had approval voting, where you can vote for all the candidates you find acceptable. With higher negatives, a candidate like Trump couldn't rely on vote splitting if an approval voting system was in place.
If we are talking about sending very small micro satellite or slightly larger sized probes, then who cares about slowing down? You can get good data without slowing down.
I think that disposable probes is where you start. Sending small probes (anywhere) for a few million each to get you to a proof of concept.
Apple doesn't want to admit that they can flash new firmware to the locked device even though everyone knows they can.
According to one legal analyst, the FBI and NSA already have this capability. What the government is looking for in this court case is a legal precedent to force companies to do this for them and make the data recovery admissible in court.
Apple should just agree to do it for the FBI on this particular phone on condition that they withdraw the court order so it isn't precedent setting. And make it clear that newer model phones do not have this same vulnerability that the FBI wants Apple to exploit, so that Apple will not have the technical means to do this hack in the future.
Didn't the FCC solve this with the Cable Card thing? I have a media server that emulates a cable box for my whole house. Works great.
The only real problem here is that with the demise of Windows Media Center and Windows 7 there isn't a viable fully vetted option for me to turn to that will allow me to watch and DVR protected content. Yes, Silicon Dust is working on a version, but it's not yet certified (as far as I know) for protected content.
The FCC already solved this issue. Why are they trying to solve it again?
There is no reason they can't just do it with software and a protocol for key exchange.
If there's ever a case where I'd rather sacrifice some convenience for security, this is it... even if it means giving up smartphones.
The principle at stake in the broader debate about governments forcing companies to provide back doors to communications and computer storage devices is what kind of society we want to live in. Even in the worst totalitarian regimes you can achieve effective privacy through isolation and minding your own business. Privacy doesn't mean anything if you can't participate fully in society to achieve it.
Bingo. That is the problem with this case. I don't agree they should be forced to give the FBI their signing keys because that would give the FBI and any third parties that got Apple's signing keys access to make all sorts of changes to the firmware that would undermine security for all devices and not just this one. And I firmly oppose making companies provide future back doors to the government.
But if Apple themselves can take the phone and treat it like a test phone and load up a custom firmware that disables the password retry limit, then that becomes simply a question about what level of effort should be required of any third party in order to assist with a legal search.
The order could mean days or weeks of work for a small team at Apple and the risk of accidentally bricking the phone and wiping the data would mean it would have to be well tested on other iPhones 5Cs before it was tried on the actual phone.
And I think the point about confusing the issue and setting precedent is important. I think this will be very hard for future judges to distinguish between what is technically possible on new phones versus old phones and the precedent could be seen as simply that the government successfully got Apple to install a backdoor on their products.
This is basically a no-win situation and I think the ACLU and Apple need to be arguing to put some limits on this order and not try to challenge the underlying legal basis because if we were talking about a land lord with the keys to the back door, then there would be no legal question.
This is more like ordering the carpenter that built a house to go put in a back door because the front door is locked and they can't break it down. Is that a reasonable amount of work to require? What about compensation and forced servitude?
The government really wants Apple to install back doors on all its products, so they have found this grey area where there is already a vulnerability that Apple could potentially exploit. And I think that once they establish that the government may force a company to help exploit existing vulnerabilities, then it might not be as big of a leap to try and force companies to create and maintain those vulnerabilities.
And even if they don't go that far, any company that doesn't provide back doors will be at risk of being forced to expend unknown resources to hack their own products if the FBI finds an exploit that they just need the company's help with.
So the proposition then becomes either you install a backdoor or we will find one anyway and force you to help us exploit it at potentially significant cost to your company.
The FBI isn't asking for a new backdoor, they are asking to use one that Apple already created inadvertently. Call it a design flaw, but this older model phone has a flaw that allows Apple to send it a signed software update that will disable the limit on password tries.
And if it is a 4 digit numeric pin that means only 10k possible combinations. Basically someone trying every combination manually could probably crack it in a few days assuming Apple can also update the firmware so that it can check the password without delay.
I agree that Apple should be able to design and sell phones without back doors and that they should not be compelled to provide back doors to the government. But they are the ones that got themselves into this with a poor security design on this older phone.
On the newer phones apparently this is apparently not an issue since the chip that stores the encryption keys is what enforces the password try limit.
This case isn't about privacy. I don't think anyone with any knowledge of the law and legal precedent would seriously dispute the government's right to search the phone of someone who has carried out a terrorist attack.
What this case is about what a third party can reasonably be ordered to do (without compensation?) to facilitate a legal search. This goes well beyond a landlord being ordered to unlock a back door. Or even allowing a wire tap to be installed on a phone line. My guess would be that assisting the FBI would probably take a few days and potentially disrupt Apple's iOS QA cycle for that long if they have to utilize in house resources.
Maybe longer since they essentially have to fork the iOS code base for this one device and then somehow isolate and target this one device for a software update. Oh and really trying hard not to brick the phone in the process. Not trivial, but certainly a somewhat borderline case considering the relatively vast resources of Apple.
And being ordered to turn over their iOS signing certificate and iOS source code so the FBI can do it themselves should be way way off the table.
The issue here isn't this particular person's right to privacy. In this case there is a criminal investigation and the FBI has a legal right to access the phone as they would in any other criminal investigation where they have gotten a warrant. One of the issues here is whether Apple can be forced to assist the government to gain access to the phone's data. This has more to do with what is reasonable.
If as it has been said that Apple has designed a phone that they themselves cannot circumvent the encryption then I don't think there would be an issue at all because it would not be reasonable for the court or government to require Apple's assistance. But that doesn't seem to be the case here. Apple does in fact have the technical means to help hack this one particular phone because it is an older model that is less secure.
Wasn't it already figured out that trying to blow nukes off on an asteroid surface would achieve approximately JACK SHIT?
They're not sufficiently powerful to break up mass, and due to being nuked in space, the kinetic transfer is significantly less, therefore "deflection" wouldn't happen either.
And flying up and digging in a bunch of nukes isn't ever going to happen for a host of reasons...
So why, all of the sudden, are we digging up a bunch of brain-dead movie fodder that we already know won't work?
A new generation of people whose ability to reason has been compromised by mass media?
The real answer is that it depends on the particular circumstances... The composition of the asteroid, the time to impact, the yield of the nuclear weapon(s). As far as I am aware the simulations have shown different outcomes depending on the scenario. In general if you have enough warning you can use something other than nuclear weapons. But with less warning you will probably need to use a nuclear weapon or many nuclear weapons.
So the bottom line is that there is no general conclusion you can make about using nuclear weapons.
In some circumstances a nuke is probably the best or only option to either destroy the asteroid or at least vaporize enough of the asteroid to reduce the damage it will cause. Because some material will vaporize and if it breaks up then more surface area of smaller pieces will cause more to material to vaporize in the atmosphere. And in some circumstances a nuke will either do no good or possibly even make the situation worse. But at some point if the situation is desperate and there is very limited time for good analysis, then lobbing a nuke (or twenty) at an incoming asteroid is probably going to at least break it up enough so less mass will make it through the atmosphere. But again, if we are talking a bout a different scenario where something that was going to cause regional destruction was going to hit in the middle of an unpopulated or less populated area and now post nuke several large pieces are going to directly hit 3 major cities, then potentially you have made the problem worse.
So the answer is that it depends and you had better be ready to run some simulations and be ready with some nuclear weapons just in case.
Yes, software projects are notorious for this scoping issue. Think healthcare.gov. Without ascribing even any milking motive... it is simply very hard to conceptualize what it might take to build out some software systems. If you conceive a simple button on a screen, it may take a few seconds to place the button there but then it has to do something when you press it.
People often think in terms of UI for scoping purposes. But think about the data, and back end processing that needs to happen. It is sometimes just hard to conceptualize and scope.
Google is a good example. It's primary UI is a text input and a button and then think about what is behind that and how many iterations of software processing and data collection underpin the functionality.
It's worth noting that this wouldn't work on any device that has a Secure Enclave and TouchID. The Secure Enclave can't be updated or tampered with without it erasing its keys, leaving the phone permanently encrypted. If the SE isn't modified, it imposes delays on responding to passcode requests so that after the 9th request, there's a delay of 1hr before you can try again.
The phone in question is a 5c, so yes, Apple could theoretically do what is being asked of them. But the phones after that--no.
Thanks that is what I was getting at. Good info.
So the next question is whether they can target this specific phone with a patch to disable the ten password attempt limit and therefore allowing the FBI to continue a brute force attack on the pin number... which would be relatively simple. It sounds like the answer is yes, that they could probably do so if they brought the phone in house and updated the firmware like they would when they test new firmware updates.
As much as it pains me, I think the FBI is right on this one. It sounds like it would be reasonably simply for Apple to take this device in-house and install firmware with a patch on this older device to remove the 10 attempt limit. But if the only way to get around this limit would be to install a back door on all devices, then I think that Apple is right to fight this. The devil is really in the details.
The question for Apple is what kind of can of worms this opens up since there are so many of these devices still in use.
This is also an important technical discussion because if the ten password limit can be bypassed with a firmware update then a brute force on a 4 digit pin is relatively simple and users should be aware that their devices are not really as secure as they might have thought.
As long as Apple can install a signed update on the device without decrypting it first, this will be possible. They need to remedy that quickly.
Yes, Apple has all along insisted that they can't break the encryption on the phone. But the FBI apparently knows they can and wants them to do it. That means there is already effectively a back door and they just need Apple to sign the software update. So Apple has been lying.
Oh I've seen consultants milk contracts and rolling requirements specification for tens of thousands of dollars and months of work in a midsize company.
Yes, small businesses are usually much much tighter with money and I've seen them have the opposite problem where if you have to justify every expense with the real cost that things simply don't get done that should get done.
The fastest failure, is when you don't even start. And no, you're not getting a bonus for that either.
Well, assuming you don't just say no to every risky idea and are adding value to the decision chain by approving projects that are more likely to succeed then yes I think you would eventually be getting a bonus based on success of some of those projects. Or if you are not a decision maker then at least you can inform your management about a dead end and then hopefully get reassigned to something you can succeed at doing.
Overall, I think the real test is whether you can document the unknowns and document that they are actually unknowns to everyone in the industry and then get a result that can better inform future decision making in that area by narrowing down the unknowns.
You want iterative trial and error informed by the previous iteration, not just dumb trial and error in a vacuum.
I'd say that failure of business systems projects are pretty common and largely the result of either:
1) business people (project managers, analysts, middle management) that don't think about time or money and are dead set to make people adhere to arbitrary "requirements" that should have been cut as soon as someone said it would take more than 30 seconds to do or they never even asked and assumed it would take 30 seconds to do because they lack experience to know.
and/or
2) IT people that will give the business as much rope as they want to hang themselves with without pushing back because they are either working by billable hours or are used to working billable hours and are more than willing to let project costs and timelines spiral out of control because that is what puts the meals on the table and they can just blame the project management and requirements when management suddenly decides they would have rather have a project succeed than get every requirement implemented.
Slashdot Mirror
the benefit of reporting bottoms up is you can see a list of your primary sources and work to clean up those sources. if you just get a tops down number, it doesn't provide any indications about how to start cleaning things up.
The other benefit is that you can really make up whatever numbers you want and schedule the spot checks on those days that match the paperwork. Oh wait... you need both low level reporting and overall monitoring to keep the low level reporting system honest and also to get the big picture when the low level reporting numbers don't add up.
It's one VERY important bit...
The last bit of freedom
Do the crime, do the time, that should be the end of it.
The West's obsession with adding people to lists, especially "sex offender registries" which make it nearly impossible to live in any city environment, really amounts to cruel and unusual punishment. If you're still supposedly a threat to society then you should still be in jail. If you're OK to be released from jail then you've paid your dues to society and you should regain all of your rights.
What about the victim's freedom of speech? If you have committed a crime against someone then don't they have a right to say that you committed a crime against them without being censored? Seems the real victim here is the truth.
Seriously Windows phone is less than 3%. The only thing keeping it in the vicinity of relevant is the money that Microsoft spends marketing it.
I know that I couldn't care less how many other people use Windows Phone. I use it because it's a better product.
Sure, I use Linux because it is a better desktop OS than Windows, but I wouldn't call its less than 2% market share a "horse race" with Windows.
And even BlackBerry has dropped Blackberry OS in favor of their flavor of Android.
With over 1 billion active users, and the backing of Facebook, is WhatsApp finally reducing the mobile landscape to a three-horse race ?
Seriously Windows phone is less than 3%. The only thing keeping it in the vicinity of relevant is the money that Microsoft spends marketing it.
Also, considering how life thrives even in hostile environments here on Earth, it's simply a mathematical impossibility that there are no other planets in the universe capable of supporting some kind of life.
That life has adapted to hostile environments doesn't mean that life originated in those same hostile environments. It could be that the conditions for creating life are very specific to a particular set of conditions or perhaps they are as flexible as you suggest.
Personally I find it inconceivably unlikely that the conditions necessary for life to begin would be limited to just a primordial Earth. Usually one instance in the natural world means that you will be able to find other instances when you look further.
But I think we do need more data since as far as I know we have very limited information about what specific conditions are necessary for biological processes to begin on a lifeless world in the first place and also very limited information about what the conditions of planets outside the solar system are and have been over their histories.
Given the limits of what we know it seems reasonable to just assume there are other planets with life based on the example of Earth and accept that we need a lot more data to narrow down the likely probability.
Kasich is next to last, Carson is in last and both are in single digits most of the time. Neither has any conceivable path to victory. They would need all of the top three candidates to suddenly drop out or have their support collapse... not reasonable to expect of three other leading candidates at this stage.
The dilemma applies more to Rubio and Cruz, both of whom have about equal support and are essentially tied for second place, but if either dropped out it would be close to conceivable that either could assume the lead. Kasich (and Carson) are a piece of that puzzle to help put another candidate over the top if they drop out, but as long as both Cruz and Rubio are still in it seems they will roughly split the vote at around 20 something percent each.
It would be interesting to see what the results would be if they had approval voting, where you can vote for all the candidates you find acceptable. With higher negatives, a candidate like Trump couldn't rely on vote splitting if an approval voting system was in place.
We have had divided government for a lot longer than just since the 1990s.
What you wrote is untrue. Many current polls show most of the Republican candidates would beat Clinton in the general election And that has been true for months. Hillary Clinton has a good chance of beating Trump, but that is about it.
If we are talking about sending very small micro satellite or slightly larger sized probes, then who cares about slowing down? You can get good data without slowing down.
I think that disposable probes is where you start. Sending small probes (anywhere) for a few million each to get you to a proof of concept.
Just play with them in Earth orbit to start.
Apple doesn't want to admit that they can flash new firmware to the locked device even though everyone knows they can.
According to one legal analyst, the FBI and NSA already have this capability. What the government is looking for in this court case is a legal precedent to force companies to do this for them and make the data recovery admissible in court.
Apple should just agree to do it for the FBI on this particular phone on condition that they withdraw the court order so it isn't precedent setting. And make it clear that newer model phones do not have this same vulnerability that the FBI wants Apple to exploit, so that Apple will not have the technical means to do this hack in the future.
Didn't the FCC solve this with the Cable Card thing? I have a media server that emulates a cable box for my whole house. Works great.
The only real problem here is that with the demise of Windows Media Center and Windows 7 there isn't a viable fully vetted option for me to turn to that will allow me to watch and DVR protected content. Yes, Silicon Dust is working on a version, but it's not yet certified (as far as I know) for protected content.
The FCC already solved this issue. Why are they trying to solve it again?
There is no reason they can't just do it with software and a protocol for key exchange.
If there's ever a case where I'd rather sacrifice some convenience for security, this is it... even if it means giving up smartphones.
The principle at stake in the broader debate about governments forcing companies to provide back doors to communications and computer storage devices is what kind of society we want to live in. Even in the worst totalitarian regimes you can achieve effective privacy through isolation and minding your own business. Privacy doesn't mean anything if you can't participate fully in society to achieve it.
Bingo. That is the problem with this case. I don't agree they should be forced to give the FBI their signing keys because that would give the FBI and any third parties that got Apple's signing keys access to make all sorts of changes to the firmware that would undermine security for all devices and not just this one. And I firmly oppose making companies provide future back doors to the government.
But if Apple themselves can take the phone and treat it like a test phone and load up a custom firmware that disables the password retry limit, then that becomes simply a question about what level of effort should be required of any third party in order to assist with a legal search.
The order could mean days or weeks of work for a small team at Apple and the risk of accidentally bricking the phone and wiping the data would mean it would have to be well tested on other iPhones 5Cs before it was tried on the actual phone.
And I think the point about confusing the issue and setting precedent is important. I think this will be very hard for future judges to distinguish between what is technically possible on new phones versus old phones and the precedent could be seen as simply that the government successfully got Apple to install a backdoor on their products.
This is basically a no-win situation and I think the ACLU and Apple need to be arguing to put some limits on this order and not try to challenge the underlying legal basis because if we were talking about a land lord with the keys to the back door, then there would be no legal question.
This is more like ordering the carpenter that built a house to go put in a back door because the front door is locked and they can't break it down. Is that a reasonable amount of work to require? What about compensation and forced servitude?
The government really wants Apple to install back doors on all its products, so they have found this grey area where there is already a vulnerability that Apple could potentially exploit. And I think that once they establish that the government may force a company to help exploit existing vulnerabilities, then it might not be as big of a leap to try and force companies to create and maintain those vulnerabilities.
And even if they don't go that far, any company that doesn't provide back doors will be at risk of being forced to expend unknown resources to hack their own products if the FBI finds an exploit that they just need the company's help with.
So the proposition then becomes either you install a backdoor or we will find one anyway and force you to help us exploit it at potentially significant cost to your company.
The FBI isn't asking for a new backdoor, they are asking to use one that Apple already created inadvertently. Call it a design flaw, but this older model phone has a flaw that allows Apple to send it a signed software update that will disable the limit on password tries.
And if it is a 4 digit numeric pin that means only 10k possible combinations. Basically someone trying every combination manually could probably crack it in a few days assuming Apple can also update the firmware so that it can check the password without delay.
I agree that Apple should be able to design and sell phones without back doors and that they should not be compelled to provide back doors to the government. But they are the ones that got themselves into this with a poor security design on this older phone.
On the newer phones apparently this is apparently not an issue since the chip that stores the encryption keys is what enforces the password try limit.
This case isn't about privacy. I don't think anyone with any knowledge of the law and legal precedent would seriously dispute the government's right to search the phone of someone who has carried out a terrorist attack.
What this case is about what a third party can reasonably be ordered to do (without compensation?) to facilitate a legal search. This goes well beyond a landlord being ordered to unlock a back door. Or even allowing a wire tap to be installed on a phone line. My guess would be that assisting the FBI would probably take a few days and potentially disrupt Apple's iOS QA cycle for that long if they have to utilize in house resources.
Maybe longer since they essentially have to fork the iOS code base for this one device and then somehow isolate and target this one device for a software update. Oh and really trying hard not to brick the phone in the process. Not trivial, but certainly a somewhat borderline case considering the relatively vast resources of Apple.
And being ordered to turn over their iOS signing certificate and iOS source code so the FBI can do it themselves should be way way off the table.
Being able to disable the failed login attempt limit on a 4 digit pin is effectively a back door.
The issue here isn't this particular person's right to privacy. In this case there is a criminal investigation and the FBI has a legal right to access the phone as they would in any other criminal investigation where they have gotten a warrant. One of the issues here is whether Apple can be forced to assist the government to gain access to the phone's data. This has more to do with what is reasonable.
If as it has been said that Apple has designed a phone that they themselves cannot circumvent the encryption then I don't think there would be an issue at all because it would not be reasonable for the court or government to require Apple's assistance. But that doesn't seem to be the case here. Apple does in fact have the technical means to help hack this one particular phone because it is an older model that is less secure.
Wasn't it already figured out that trying to blow nukes off on an asteroid surface would achieve approximately JACK SHIT?
They're not sufficiently powerful to break up mass, and due to being nuked in space, the kinetic transfer is significantly less, therefore "deflection" wouldn't happen either.
And flying up and digging in a bunch of nukes isn't ever going to happen for a host of reasons...
So why, all of the sudden, are we digging up a bunch of brain-dead movie fodder that we already know won't work?
A new generation of people whose ability to reason has been compromised by mass media?
The real answer is that it depends on the particular circumstances... The composition of the asteroid, the time to impact, the yield of the nuclear weapon(s). As far as I am aware the simulations have shown different outcomes depending on the scenario. In general if you have enough warning you can use something other than nuclear weapons. But with less warning you will probably need to use a nuclear weapon or many nuclear weapons.
So the bottom line is that there is no general conclusion you can make about using nuclear weapons.
In some circumstances a nuke is probably the best or only option to either destroy the asteroid or at least vaporize enough of the asteroid to reduce the damage it will cause. Because some material will vaporize and if it breaks up then more surface area of smaller pieces will cause more to material to vaporize in the atmosphere. And in some circumstances a nuke will either do no good or possibly even make the situation worse. But at some point if the situation is desperate and there is very limited time for good analysis, then lobbing a nuke (or twenty) at an incoming asteroid is probably going to at least break it up enough so less mass will make it through the atmosphere. But again, if we are talking a bout a different scenario where something that was going to cause regional destruction was going to hit in the middle of an unpopulated or less populated area and now post nuke several large pieces are going to directly hit 3 major cities, then potentially you have made the problem worse.
So the answer is that it depends and you had better be ready to run some simulations and be ready with some nuclear weapons just in case.
Yes, software projects are notorious for this scoping issue. Think healthcare.gov. Without ascribing even any milking motive... it is simply very hard to conceptualize what it might take to build out some software systems. If you conceive a simple button on a screen, it may take a few seconds to place the button there but then it has to do something when you press it.
People often think in terms of UI for scoping purposes. But think about the data, and back end processing that needs to happen. It is sometimes just hard to conceptualize and scope.
Google is a good example. It's primary UI is a text input and a button and then think about what is behind that and how many iterations of software processing and data collection underpin the functionality.
It's worth noting that this wouldn't work on any device that has a Secure Enclave and TouchID. The Secure Enclave can't be updated or tampered with without it erasing its keys, leaving the phone permanently encrypted. If the SE isn't modified, it imposes delays on responding to passcode requests so that after the 9th request, there's a delay of 1hr before you can try again.
This article goes into more detail: http://blog.trailofbits.com/20...
The phone in question is a 5c, so yes, Apple could theoretically do what is being asked of them. But the phones after that--no.
Thanks that is what I was getting at. Good info.
So the next question is whether they can target this specific phone with a patch to disable the ten password attempt limit and therefore allowing the FBI to continue a brute force attack on the pin number... which would be relatively simple. It sounds like the answer is yes, that they could probably do so if they brought the phone in house and updated the firmware like they would when they test new firmware updates.
As much as it pains me, I think the FBI is right on this one. It sounds like it would be reasonably simply for Apple to take this device in-house and install firmware with a patch on this older device to remove the 10 attempt limit. But if the only way to get around this limit would be to install a back door on all devices, then I think that Apple is right to fight this. The devil is really in the details.
The question for Apple is what kind of can of worms this opens up since there are so many of these devices still in use.
This is also an important technical discussion because if the ten password limit can be bypassed with a firmware update then a brute force on a 4 digit pin is relatively simple and users should be aware that their devices are not really as secure as they might have thought.
This is the only good explanation I've seen of what the order is about:
https://www.techdirt.com/artic...
As long as Apple can install a signed update on the device without decrypting it first, this will be possible. They need to remedy that quickly.
Yes, Apple has all along insisted that they can't break the encryption on the phone. But the FBI apparently knows they can and wants them to do it. That means there is already effectively a back door and they just need Apple to sign the software update. So Apple has been lying.
Oh I've seen consultants milk contracts and rolling requirements specification for tens of thousands of dollars and months of work in a midsize company.
Yes, small businesses are usually much much tighter with money and I've seen them have the opposite problem where if you have to justify every expense with the real cost that things simply don't get done that should get done.
The fastest failure, is when you don't even start. And no, you're not getting a bonus for that either.
Well, assuming you don't just say no to every risky idea and are adding value to the decision chain by approving projects that are more likely to succeed then yes I think you would eventually be getting a bonus based on success of some of those projects. Or if you are not a decision maker then at least you can inform your management about a dead end and then hopefully get reassigned to something you can succeed at doing.
Overall, I think the real test is whether you can document the unknowns and document that they are actually unknowns to everyone in the industry and then get a result that can better inform future decision making in that area by narrowing down the unknowns.
You want iterative trial and error informed by the previous iteration, not just dumb trial and error in a vacuum.
I'd say that failure of business systems projects are pretty common and largely the result of either:
1) business people (project managers, analysts, middle management) that don't think about time or money and are dead set to make people adhere to arbitrary "requirements" that should have been cut as soon as someone said it would take more than 30 seconds to do or they never even asked and assumed it would take 30 seconds to do because they lack experience to know.
and/or
2) IT people that will give the business as much rope as they want to hang themselves with without pushing back because they are either working by billable hours or are used to working billable hours and are more than willing to let project costs and timelines spiral out of control because that is what puts the meals on the table and they can just blame the project management and requirements when management suddenly decides they would have rather have a project succeed than get every requirement implemented.