And often times no regulation is better than some regulation (e.g. because regulatory capture, etc). Even without regulation we have legal devices such as Tort (negligence law) that helps to reign in bad behavior.
Yeah, and? They could stick a bomb on the car, so why worry about what firmware they might flash?
they don't need to leave physical evidence. they can leave an invisible logic bomb that will erase itself and leave no trace. why leave behind a physical bomb? why? it makes no sense.
"security theater" is worse than useless because you think you are secure and you let down your guard. you put in separate networks and you think you've solved the problem. wrong! you just prod the hackers to find new vectors.
* the "critical" bus that controls car operation. Have it only *PHYSICALLY* accessable, i.e. only via physically plugging a probe into a jack. And none of the devices connected to the "critical" bus are radio/wifi/bluetooth/whatever-else externally accessable.
This is kind of like airport security, preparing for security problems that have already happened, instead of thinking about new vectors of attack.
Your idea does nothing to prevent people like valet parkers or vehicle inspectors or detailers from getting physical access to your "jack" long enough to infect your car. Your car is 100% vulnerable to all kinds of attack when you leave it at the shop for repair, not just from the shop employees but from anyone who can break their probably non-existent security.
is so grossly higher than the actual price of a life
what about the life of Steve Jobs, would that be worth $10 million? what about his mother and father? Without them he would not exist. So what is their value?
So now how can you possibly predict the value of a life when you can't even calculate it when they are alive? how can you presume to know the value of their impact?
As I have discovered, it is a lot better in a legal sense to leave things unpatched. The patching requires downtime, it adds nothing to business,
yeah, let's take gm's ignition key horror as an example. They saved a few dollars up front and in the end it cost them BIG TIME. your stupid "wisdom" is just stupid
Patching vulnerabilities just isn't a priority for many IT environments.
Oh really? Then why do companies spend so much money and so much time on maintaining an environment where Windows Update can work properly? Why is it that linux distributions that quickly push security fixes are more popular? Why is it that every store I visit has brand spanking new credit card machines?
The question is really how to educate dev teams in the auto industry. If they can be brought up to even modest levels of best practice (use of verification tools, test methods, asset versioning, etc) then at least quality can be improved going into the future. Also system separation should be the industry standard approach where critical and non-critical functions are not mixed together at all.
"can" and "should" are meaningless words without government regulation to back them up
my Windows 10 laptop reboots at least once a day, I'd swear.
Then there's this neat thing where under Windows 10 plugging my Razer wireless mouse into the charger requires a reboot, but I'm pretty sure that's another driver bug and not Microsoft's fault. At least, I sure hope so. (Unplugging it to return to wireless operation ALSO requires a reboot. The mouse just stops working until Windows 10 has rebooted. I'm not joking!)
at one point they called computers "labor saving devices" but I think it was just a cruel joke
Like it or not, you pretty much have to use some version of windows. Whether it's at work or because of some windows-only software, there's really no way to avoid windows.
please tell us all what indispensible apps run on windows that have no equivalents on any other operating system
I guess she will have to be fine with the creepy guy from Microsoft following her around when she does her shopping then. That you're fine with it is already apparent.
what microsoft guy? garage band runs on BSD, the OSX flavor.
Paula Deen lost millions because she said a bad word about someone who had held a gun to her head, twenty years after it happened.
It was more than one bad word, and HOW THE FUCK do you "lose" money that you never actually had in the first place?
"On June 21, 2013, due to a controversy regarding Deen's admission, during a deposition for a lawsuit, that she had used racial slurs, The Food Network announced they will not renew her contract."
Oh and how SAD IT ALL IS:
"It was announced that on September 24, 2014 Paula will unveil her very own network. "
GOSH it's SO SAD that she ONLY has enough money to start ONE network.
No, you pirate because you want something for nothing. That's the start, and the end of it. If it really were about the DRM you'd buy the software, then pirate a DRM free version. You don't do that, because you're a hypocritical bottom feeder.
I bought the damned album years ago and now it's scratched. I want a clean copy.
Slashdot Mirror
When I put the key in the ignition and turn it
I think you are living in the wrong century
They had to be dragged kicking and screaming
by people who had money on the line and had the ability to drag and kick. this is how the system works
And often times no regulation is better than some regulation (e.g. because regulatory capture, etc). Even without regulation we have legal devices such as Tort (negligence law) that helps to reign in bad behavior.
the laws that make tort possible are "regulation"
There's a module which connects the two, providing read-only queries from the second to the first. None of the hacks breached this system.
they haven't breached it yet
we used to think that kryptonite locks and SSL 1.0 were secure
Yeah, and? They could stick a bomb on the car, so why worry about what firmware they might flash?
they don't need to leave physical evidence. they can leave an invisible logic bomb that will erase itself and leave no trace. why leave behind a physical bomb? why? it makes no sense.
"security theater" is worse than useless because you think you are secure and you let down your guard. you put in separate networks and you think you've solved the problem. wrong! you just prod the hackers to find new vectors.
I don't want anything involved in controlling the car physically wired to anything networked.
so you want a car with a manual choke? The automatic choke is hooked up to the engine computer with a network connection.
* the "critical" bus that controls car operation. Have it only *PHYSICALLY* accessable, i.e. only via physically plugging a probe into a jack. And none of the devices connected to the "critical" bus are radio/wifi/bluetooth/whatever-else externally accessable.
This is kind of like airport security, preparing for security problems that have already happened, instead of thinking about new vectors of attack.
Your idea does nothing to prevent people like valet parkers or vehicle inspectors or detailers from getting physical access to your "jack" long enough to infect your car. Your car is 100% vulnerable to all kinds of attack when you leave it at the shop for repair, not just from the shop employees but from anyone who can break their probably non-existent security.
and thousands of people die the same moment because some terrorist pressed a button.
The US military is the only entity that has actually ever carried out attacks like this
unregulated markets don't exist
when there is no regulation the guy with the biggest stick just takes it all
is so grossly higher than the actual price of a life
what about the life of Steve Jobs, would that be worth $10 million? what about his mother and father? Without them he would not exist. So what is their value?
So now how can you possibly predict the value of a life when you can't even calculate it when they are alive? how can you presume to know the value of their impact?
which units do you use to measure the enjoyment of a chocolate bar? do you use wonkas or toblers? it makes a difference in the calcuations.
As in _physical_ isolation. Anything else is asking for trouble
yeah that's great. we'll give each car its own road
As I have discovered, it is a lot better in a legal sense to leave things unpatched. The patching requires downtime, it adds nothing to business,
yeah, let's take gm's ignition key horror as an example. They saved a few dollars up front and in the end it cost them BIG TIME. your stupid "wisdom" is just stupid
Patching vulnerabilities just isn't a priority for many IT environments.
Oh really? Then why do companies spend so much money and so much time on maintaining an environment where Windows Update can work properly? Why is it that linux distributions that quickly push security fixes are more popular? Why is it that every store I visit has brand spanking new credit card machines?
The question is really how to educate dev teams in the auto industry. If they can be brought up to even modest levels of best practice (use of verification tools, test methods, asset versioning, etc) then at least quality can be improved going into the future. Also system separation should be the industry standard approach where critical and non-critical functions are not mixed together at all.
"can" and "should" are meaningless words without government regulation to back them up
I can utilize it in ways I wish that the manufacturer has never thought of
what a great tool for the ambitious suicide bomber
so again I ask how my wife can play her garage band files on linux?
people keep saying that linux can do anything other operating systems can do
my Windows 10 laptop reboots at least once a day, I'd swear.
Then there's this neat thing where under Windows 10 plugging my Razer wireless mouse into the charger requires a reboot, but I'm pretty sure that's another driver bug and not Microsoft's fault. At least, I sure hope so. (Unplugging it to return to wireless operation ALSO requires a reboot. The mouse just stops working until Windows 10 has rebooted. I'm not joking!)
at one point they called computers "labor saving devices" but I think it was just a cruel joke
BSD runs everything linux does, and then some. You have a choice of GUI. You can use X windows or the Mac OS GUI.
Like it or not, you pretty much have to use some version of windows. Whether it's at work or because of some windows-only software, there's really no way to avoid windows.
please tell us all what indispensible apps run on windows that have no equivalents on any other operating system
I guess she will have to be fine with the creepy guy from Microsoft following her around when she does her shopping then. That you're fine with it is already apparent.
what microsoft guy? garage band runs on BSD, the OSX flavor.
Paula Deen lost millions because she said a bad word about someone who had held a gun to her head, twenty years after it happened.
It was more than one bad word, and HOW THE FUCK do you "lose" money that you never actually had in the first place?
"On June 21, 2013, due to a controversy regarding Deen's admission, during a deposition for a lawsuit, that she had used racial slurs, The Food Network announced they will not renew her contract."
Oh and how SAD IT ALL IS:
"It was announced that on September 24, 2014 Paula will unveil her very own network. "
GOSH it's SO SAD that she ONLY has enough money to start ONE network.
They will play just fine
what linux application loads garage band files?
Wine is not an emulator.
beer is not a simulation
yes, it is your fault if your computer gets compromised
No, you pirate because you want something for nothing. That's the start, and the end of it. If it really were about the DRM you'd buy the software, then pirate a DRM free version. You don't do that, because you're a hypocritical bottom feeder.
I bought the damned album years ago and now it's scratched. I want a clean copy.