The implementation of OpenSSH will use the Windows encryption libraries and random number generator, just like their implementation of SSL/TLS used by their webserver and browsers. If you are using Windows, a least some lof of the time you'll probably using at least one of those. Even if it's just to retrieve and verify Windows Updates.
So if you don't trust those... why would you use Windows in the first place ?
Insomniac ? I hope you don't have that regularly, if so I suggest you do something about that. Less caffeine and less stress ?
OK, I'll be the first to admit it. I'm no expert, I suggest you talk to one.
I'm also not completely sane at this moment, this is the morning after a night on the town, their is still a lot of alcohol in my body.;-)
Anyway, about the topic at hand...
Yes, I do think about it like a pendulum as well and about how far it can or will be pushed in one way (maybe even multiple pendulums). I think most people would really want to avoid full on revolution. Because it's hard to predict the outcome. Take for example the Arab spring. Also look at ISIS/IS/ISIL/Daesh they came out of the chaos largely created by the US (but that is a whole different topic).
Maybe I'm wrong, but I think at least some people in government get it.
Sometimes when I see police in countries like the US get more and heavier arms, I'm thinking someone is preparing for that future in a very negative way.
From a US perspective you'd think it's some kind of socialist system, but a lot of the ideas behind that came from the US from people like: Friedrich Hayek, Richard Nixon and Milton Friedman. Or as Andrew McAfee likes to say with a big smile: frothing-at-the-mouth socialists;-)
In Europe we now have a bunch of organisations, countries and cities looking seriously into this and testing it in real life again.
From a pure technology perspective, I can see technology solving the need problem.
If energy prices do really keep falling like they have with capturing the energy from wind and solar light and heat then it will get easier (=cheaper). Take for example the Sahara Forest Project: https://www.youtube.com/watch?...
But automatic milking also has been doing very well for how long ? over 10 years now ?
If you combine: cheap energy, cheap clean water, cheap electronics/communication, cheap energy storage, cheap food production you get a very potent mix to solve a large part of the problem of need that Voltaire talked about. In the documentary I linked they also talk about cheap health care (I hope so). Those are some very positive trends.
Cheap technology also seems to create a more decentralized future, so maybe in that sense Bitcoin/OpenBazaar and solar panels are similar.
I'm from Europe, I personally don't see the state as my enemy like some people in the US or some in Bitcoin do. For example I think of the government as the biggest VC funder/risk taker of them all. Who would spend more than 10 years on fundamental research with a high amount of risk of failure and then give it away for free (simple example: Internet, funded by ARPA now called DARPA. I don't know if it was considered a risky endeavour at the time, but it's an ex
How the people that made the docker image you are using created their Docker image doesn't matter much.
You can still use Debian/Ubuntu as the base of _your_ Docker images.
These are just the official Docker images. I can see how that makes sense for something like a MySQL Docker image. You just want it to run the database server.
Some of the things I'm seeing: - Google and Apple, Facebook/Whatsapp not yet cooperating with getting rid of encryption - lots of open source encryption tools - slowly but surely we are seeing some more open source hardware projects - Bitcoin and the follow altcoins exist - some even have some coinjoin system (anonymity) - OpenBazaar exists (not full anonymity yet) - open trade, no borders - decentralized DNS with.bit exist
"Or in other words: it might not be the best idea, for your illegal activities, to use a cryptocurrency: a type of money send/receive/exchange mecanism where... THE WHOLE MECANISM (by design) RELIES ON BROADCASTING EVERY SINGLE TRANSACTION TO THE NETWORK (specially when your adversary is the state and could put the necessary Big Data Analysis to more or less track the money through the network)"
It's funny how these criminals haven't figured out how to use a mixing service (CoinJoin) properly. __ "Which, from what I know, is on the *hard drugs* list in the Netherland (like heroin, etc.) and thus still outright illegal."
Some dutch/.er to step in to correct me ?""
I'm Dutch myself. Yes, thinks like Canabis are on the soft-drugs list and XTC is on the hard-drugs list.
Supposedly some people were acting as middlemen for the sellers on one of those markets to exchange it back the traditional money and were moving millions.
So the Dutch equivalent of the IRS got on their trail.
They also found out some where producing XTC as well.
If the numbers really are that nearly 90 percent of people killed in drone strikes "were not the intended targets" of the attacks then I think the US should stop using them. Failure in use is the next best thing I guess.
I can see at least some advantages: - Bitcoin payments can not be reversed (like with bank transfers, or Paypal). - Bitcoin works across international borders.
Anyway, if you have a couple of hundred servers, you'd still want to reboot them after live-patching occasionally even if you have your power sources are OK (I've seen datacenters going down because of airconditioning failing). Because if to many servers fail at the same time, you'd have a long downtime for at least part of the servers.
Clearly not your situation.
Judging by your comments on the other article, you might have more cars than servers.;-)
Also live kernel patching also don't really help you with remote hardware.
Maybe the opposite.
Because in case live kernel patching you don't reboot with the new kernel, just keep it running the old kernel with only the security patch applied.
That could mean you did not test the normal way of booting with the new kernel.
So when the machine does reboot unexpectedly (like power failure) it might not boot normally because you didn't test booting the new kernel after installing the security update.
You can do kexec with old kernels on Ubuntu right now. You can just try it on your desktop machine.
install kexec-tools the setting to enable kexec are in/etc/default/kexec I assume on Ubuntu.
Then do a reboot, if you've done everything right, you won't see a BIOS screen, just an Ubuntu shutdown and Ubuntu start up. And it will be faster because of it.
Live kernel patching is only for security updates and you'll want to wait for your distribution to build them.
It is not the normal process of building a kernel.
How it is done: they build a special type of kernel-module.
Then they load the kernel-module with a tool.
The kernel-module is then used instead of the original running code of the kernel.
It will probably end up being part of the normal process of installing security updates.
I think they'll first target the LTS-releases (that is the kind of environment where you'd expect automatic install of security updates is more likely).
My thoughts on autonomous driving and car enthusiasts like yourself has always been: with more people being driving around in autonomous cars, driving on the road yourself could become a lot less frustrating (less idiots on the road, more predictable traffic).
Also I don't see the appeal of driving yourself when it's bumper to bumper traffic. Stop, wait, slow, stop, wait, slow... that is the kind of situation where you'd want to car to do the driving so you can do other things with your time. A lot of high end cars like Tesla and BMW can already do that I believe.
You are probably talking about live-kernel patching (kGraft - Suse, kpatch - RedHat, sort of similar to ksplice - now Oracle).
Because that is all it is: security updates without reboot.
Not: new functionality or large bugfixes.
kexec is cool, but kexec just means: faster reboot into new kernel (no waiting on the BIOS, etc.). The old kernel starts a new kernel directly.
The people from CRIU (save and restore running processes) want to combine their solution with kexec so you can do fast upgrades eventually: "When replacing a kernel on a box we can do it without stopping critical activity. Checkpoint it, then replace the kernel (e.g. using kexec) then restore services back. In a perfect world the applications memory shouldn't be put to disk image, but should rather be kept in RAM." https://criu.org/Usage_scenari...
We can insert some placeholder, that semantically answers the question (like God started it all, or time goes back infinitely, or time started at the big bang), but ontologically, we still got nothin'. How do we make sense of a beginning with no previous moment ? Or an infinitely backward extending line of time ? Go ahead and act like the problem is resolved, but it is still an open question.
I haven't watched the talk yet. I've been to busy watching other 32C3 talks.:-)
But I do know that just after Dieselgate came out, some of the news in the Netherlands was that the testing lab in our country (which does this for otherEuropean countries too) had already figured this out at least a year earlier.
Their report showed that out of 16 models tested 14 failed a slightly more realistic test. So they were already busy helping to change the rules at the European level to get proper realistic testing.
Slashdot Mirror
The implementation of OpenSSH will use the Windows encryption libraries and random number generator, just like their implementation of SSL/TLS used by their webserver and browsers. If you are using Windows, a least some lof of the time you'll probably using at least one of those. Even if it's just to retrieve and verify Windows Updates.
So if you don't trust those... why would you use Windows in the first place ?
I think the idea behind the tools is to catch stuff just in case something gets forgotten.
You can easily do updates/build of Docker containers, as long as you automated and do 12 factor apps.
Insomniac ? I hope you don't have that regularly, if so I suggest you do something about that. Less caffeine and less stress ?
OK, I'll be the first to admit it. I'm no expert, I suggest you talk to one.
I'm also not completely sane at this moment, this is the morning after a night on the town, their is still a lot of alcohol in my body. ;-)
Anyway, about the topic at hand...
Yes, I do think about it like a pendulum as well and about how far it can or will be pushed in one way (maybe even multiple pendulums). I think most people would really want to avoid full on revolution. Because it's hard to predict the outcome. Take for example the Arab spring. Also look at ISIS/IS/ISIL/Daesh they came out of the chaos largely created by the US (but that is a whole different topic).
Maybe I'm wrong, but I think at least some people in government get it.
Sometimes when I see police in countries like the US get more and heavier arms, I'm thinking someone is preparing for that future in a very negative way.
But let's look at the positive.
Let's take for example the people that claim that automation will take our jobs:
https://www.technologyreview.c...
Maybe they are wrong, but one thing is correct, technology can cause a lot of change and it probably will. Maybe even accelerate.
When talking about that, you'd always keep in mind what Voltaire said: Work saves us from three great evils: boredom, vice and need.
Then you look at what people in some governments are trying to do:
https://en.wikipedia.org/wiki/...
From a US perspective you'd think it's some kind of socialist system, but a lot of the ideas behind that came from the US from people like: Friedrich Hayek, Richard Nixon and Milton Friedman. Or as Andrew McAfee likes to say with a big smile: frothing-at-the-mouth socialists ;-)
In Europe we now have a bunch of organisations, countries and cities looking seriously into this and testing it in real life again.
From a pure technology perspective, I can see technology solving the need problem.
If energy prices do really keep falling like they have with capturing the energy from wind and solar light and heat then it will get easier (=cheaper). Take for example the Sahara Forest Project: https://www.youtube.com/watch?...
Energy storage is also still improving too: http://rameznaam.com/2013/09/2...
They seem to be on a Moore's Law like trajectory.
They might claim to be the first:
http://inhabitat.com/worlds-fi...
But automatic milking also has been doing very well for how long ? over 10 years now ?
If you combine: cheap energy, cheap clean water, cheap electronics/communication, cheap energy storage, cheap food production
you get a very potent mix to solve a large part of the problem of need that Voltaire talked about. In the documentary I linked they also talk about cheap health care (I hope so). Those are some very positive trends.
Cheap technology also seems to create a more decentralized future, so maybe in that sense Bitcoin/OpenBazaar and solar panels are similar.
I'm from Europe, I personally don't see the state as my enemy like some people in the US or some in Bitcoin do. For example I think of the government as the biggest VC funder/risk taker of them all. Who would spend more than 10 years on fundamental research with a high amount of risk of failure and then give it away for free (simple example: Internet, funded by ARPA now called DARPA. I don't know if it was considered a risky endeavour at the time, but it's an ex
There are already tools to detect that, at least some of them are FOSS:
https://www.alfresco.com/blogs...
For example this one is open source:
https://coreos.com/blog/vulner...
The point is pulling an application.
How the people that made the docker image you are using created their Docker image doesn't matter much.
You can still use Debian/Ubuntu as the base of _your_ Docker images.
These are just the official Docker images. I can see how that makes sense for something like a MySQL Docker image. You just want it to run the database server.
Lots of people may say: Apple is so cool they invented the iPhone, bla, bla.
But the iPhone wouldn't have happened without the fundamental research which was paid for by the government.
I know companies call their department sometimes research & development, but sometimes you'd think it's just development.
Hi KGill. :-)
Some of the things I'm seeing: .bit exist
- Google and Apple, Facebook/Whatsapp not yet cooperating with getting rid of encryption
- lots of open source encryption tools
- slowly but surely we are seeing some more open source hardware projects
- Bitcoin and the follow altcoins exist - some even have some coinjoin system (anonymity)
- OpenBazaar exists (not full anonymity yet) - open trade, no borders
- decentralized DNS with
So at least some of the tools are in place...
"Or in other words: it might not be the best idea, for your illegal activities, to use a cryptocurrency: a type of money send/receive/exchange mecanism where...
THE WHOLE MECANISM (by design) RELIES ON BROADCASTING EVERY SINGLE TRANSACTION TO THE NETWORK
(specially when your adversary is the state and could put the necessary Big Data Analysis to more or less track the money through the network)"
It's funny how these criminals haven't figured out how to use a mixing service (CoinJoin) properly.
__
"Which, from what I know, is on the *hard drugs* list in the Netherland (like heroin, etc.) and thus still outright illegal."
Some dutch /.er to step in to correct me ?""
I'm Dutch myself. Yes, thinks like Canabis are on the soft-drugs list and XTC is on the hard-drugs list.
Supposedly some people were acting as middlemen for the sellers on one of those markets to exchange it back the traditional money and were moving millions.
So the Dutch equivalent of the IRS got on their trail.
They also found out some where producing XTC as well.
If the numbers really are that nearly 90 percent of people killed in drone strikes "were not the intended targets" of the attacks then I think the US should stop using them. Failure in use is the next best thing I guess.
http://www.huffingtonpost.com/...
https://theintercept.com/drone...
One word:
Airdrop
I can see at least some advantages:
- Bitcoin payments can not be reversed (like with bank transfers, or Paypal).
- Bitcoin works across international borders.
No problem.
If you want I can send you my email address for more direct contact. Is that outlook address I see a real address ?
People might talk about electric cars like it's something new... ;-)
But your house already works more or less like a submarine.
They however use diesel/gas to charge the batteries:
https://en.wikipedia.org/wiki/...
Anyway, if you have a couple of hundred servers, you'd still want to reboot them after live-patching occasionally even if you have your power sources are OK (I've seen datacenters going down because of airconditioning failing). Because if to many servers fail at the same time, you'd have a long downtime for at least part of the servers.
Clearly not your situation.
Judging by your comments on the other article, you might have more cars than servers. ;-)
Also live kernel patching also don't really help you with remote hardware.
Maybe the opposite.
Because in case live kernel patching you don't reboot with the new kernel, just keep it running the old kernel with only the security patch applied.
That could mean you did not test the normal way of booting with the new kernel.
So when the machine does reboot unexpectedly (like power failure) it might not boot normally because you didn't test booting the new kernel after installing the security update.
live kernel patching is not kexec.
kexec is an old feature, kexec is not new.
You can do kexec with old kernels on Ubuntu right now. You can just try it on your desktop machine.
install kexec-tools the setting to enable kexec are in /etc/default/kexec I assume on Ubuntu.
Then do a reboot, if you've done everything right, you won't see a BIOS screen, just an Ubuntu shutdown and Ubuntu start up. And it will be faster because of it.
Live kernel patching is only for security updates and you'll want to wait for your distribution to build them.
It is not the normal process of building a kernel.
How it is done: they build a special type of kernel-module.
Then they load the kernel-module with a tool.
The kernel-module is then used instead of the original running code of the kernel.
It will probably end up being part of the normal process of installing security updates.
I think they'll first target the LTS-releases (that is the kind of environment where you'd expect automatic install of security updates is more likely).
My thoughts on autonomous driving and car enthusiasts like yourself has always been:
with more people being driving around in autonomous cars, driving on the road yourself could become a lot less frustrating (less idiots on the road, more predictable traffic).
Also I don't see the appeal of driving yourself when it's bumper to bumper traffic. Stop, wait, slow, stop, wait, slow... that is the kind of situation where you'd want to car to do the driving so you can do other things with your time. A lot of high end cars like Tesla and BMW can already do that I believe.
You are probably talking about live-kernel patching (kGraft - Suse, kpatch - RedHat, sort of similar to ksplice - now Oracle).
Because that is all it is:
security updates without reboot.
Not: new functionality or large bugfixes.
kexec is cool, but kexec just means: faster reboot into new kernel (no waiting on the BIOS, etc.). The old kernel starts a new kernel directly.
The people from CRIU (save and restore running processes) want to combine their solution with kexec so you can do fast upgrades eventually:
"When replacing a kernel on a box we can do it without stopping critical activity. Checkpoint it, then replace the kernel (e.g. using kexec) then restore services back. In a perfect world the applications memory shouldn't be put to disk image, but should rather be kept in RAM."
https://criu.org/Usage_scenari...
I don't think a patch for PRAM has been accepted yet: https://lwn.net/Articles/55704...
The CRIU developers can save/restore a lot of things, but I don't think they can do it for everything yet.
We can insert some placeholder, that semantically answers the question (like God started it all, or time goes back infinitely, or time started at the big bang), but ontologically, we still got nothin'. How do we make sense of a beginning with no previous moment ? Or an infinitely backward extending line of time ? Go ahead and act like the problem is resolved, but it is still an open question.
Easy, just let it wrap around. :-)
And say: history repeats itself.
I think the family would rather have all the information before they start claiming the police is a bunch of bastards that should be locked up.
That was exactly my thought too.
And Ian Murdock had millions.
What is the latest news on Ian Murdock ? Have they been able to prove anything about the police violence yet ?
I wouldn't say the Raspbian on RPi is representative of 'desktop Linux'.
What I have a problem with is this focus on VW only, I have a feeling the other manufacturers aren't any better.
Yes, you can do that.
For example with PowerDNS nameserver supports it:
https://doc.powerdns.com/md/au...
I believe for example Bind and https://www.knot-dns.cz/ also has a system for something similar:
https://www.knot-dns.cz/docs/2...
Maybe: http://ddiguru.com/blog/133-bi...
I haven't watched the talk yet. I've been to busy watching other 32C3 talks. :-)
But I do know that just after Dieselgate came out, some of the news in the Netherlands was that the testing lab in our country (which does this for otherEuropean countries too) had already figured this out at least a year earlier.
Their report showed that out of 16 models tested 14 failed a slightly more realistic test. So they were already busy helping to change the rules at the European level to get proper realistic testing.
Here is one of the Dutch articles of that time:
http://www.volkskrant.nl/econo...
They already noticed problems in 2009 so it seems.