Good question. I mean, I hear that the janitors are still cleaning the toilets in BP headquarters! Where are their priorities?!
Seriously, they're a big company, they can focus on more than one thing at a time... It's like the Mythical Man-Month -- Just throwing resources at the problem isn't necessarily going to make it better, and could well make it worse.
There should always be duplication of critical components of a system with the intention of increasing reliability of the system, usually in the case of a backup or fail-safe.
Let me try to reply a bit more constructively than some of the others here.
It is never a foregone conclusion that you will always have duplication of critical components of a system, if you are doing proper risk management.
Essentially, the art of risk management is figuring out how far to go with mitigations of various risks.
To illustrate with an excessively simplistic example (Assume a perfect vacuum and a frictionless environment):
Let's say you sell something online, you sell W products/hour, and if you miss a sale, that's it, you're not getting it back.
So that means that you lose the profit on W products every hour, let's call that X.
Next, you look at the potential hazards, and calculate how often you expect to have each hazard occur per year. For example, to be simple, let's pretend your only hazard is that you expect the basement to flood once every 20 years, causing a complete outage of your data center. This means your Annualized Rate of Occurrence (ARO) is 0.05 basement floods/year.
Further suppose that you expect a downtime from a basement flooding to last, say, 24 hours. That means your Single Loss Expectancy is your profits per hour, X, times 24 hours, let's call that Y.
From Y and 0.05, we can calculate the Annualized Loss Expectancy, that is, the cost of a single occurrence times the probability of occurrence in any given year. So let's let Z be the ALE of (Y * 0.05).
If the annualized cost of having an alternate data center to mitigate only the risk of flooding exceeds Z, the Annualized Loss Expectancy, you do not invest in an alternate data center, because it makes no business sense. You just take the loss when it happens, because it's cheaper than preventing it.
Of course, it's *never* quite this simple, and sometimes the SLE is essentially infinite (such as when loss of life could occur) and thus you spare no expense in mitigating the risk. Sometimes, you can't easily quantify the cost, because it isn't always money, it could be, for example, reputation.
But it is *never* a foregone conclusion that you should automatically spend money mitigating risk without first thinking about if the mitigation costs more than the risk itself.
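The calculation from the comment above, worked through in Python as an added example that is not part of the original comment. It goes one step beyond the single-hazard case by letting a mitigation cover several hazards; the profit figure for X, the mitigation costs, the two extra hazards, and the assumption that a mitigation removes a covered hazard entirely are all constructed for illustration.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Hazard:
    name: str
    aro: float                # Annualized Rate of Occurrence, events/year
    outage_hours: float       # expected downtime per occurrence
    unbounded: bool = False   # SLE "essentially infinite" (e.g. loss of life)


def sle(hazard, profit_per_hour):
    """Single Loss Expectancy (Y): profit per hour (X) times hours of downtime."""
    if hazard.unbounded:
        return math.inf
    return profit_per_hour * hazard.outage_hours


def ale(hazard, profit_per_hour):
    """Annualized Loss Expectancy (Z): SLE times ARO."""
    if hazard.aro == 0:
        return 0.0            # avoid inf * 0 = nan for a hazard that never occurs
    return sle(hazard, profit_per_hour) * hazard.aro


def decide(annual_cost, covered, profit_per_hour):
    """Compare a mitigation's annualized cost with the ALE it removes.

    Assumption: the mitigation fully removes every hazard in `covered`.
    Returns (decision, ale_removed).
    """
    removed = sum(ale(h, profit_per_hour) for h in covered)
    decision = "accept the loss" if annual_cost > removed else "mitigate"
    return decision, removed


# Constructed figures: the comment leaves X symbolic.
X = 500.0
FLOOD = Hazard("basement flood", aro=1 / 20, outage_hours=24)
POWER = Hazard("utility power loss", aro=2.0, outage_hours=8)  # constructed
FIRE = Hazard("machine-room fire", aro=0.01, outage_hours=0,
              unbounded=True)                                  # constructed

if __name__ == "__main__":
    scenarios = [
        ("alternate data center, flood only", 50_000, [FLOOD]),
        ("alternate data center, flood + power", 50_000, [FLOOD, POWER]),
        ("sump pump and raised racks", 400, [FLOOD]),
        ("fire suppression", 1_000_000, [FIRE]),
    ]
    for label, cost, hazards in scenarios:
        decision, removed = decide(cost, hazards, X)
        print(f"{label}: cost {cost}/yr vs ALE {removed}/yr -> {decision}")
```

The unbounded hazard always comes out as "mitigate", matching the comment's point that some losses are not traded off against cost; non-monetary losses such as reputation still have to be estimated by hand before they fit this model.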
IPv6 - mac address is part of your IPv6 address and unique to every Mac on the planet
That's just one convention, and certainly not a requirement. Take a look at the privacy extensions for stateless autoconfiguration RFC, for example, which helps to mitigate exactly this vulnerability.
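The convention being discussed, as an added example that is not part of the original comments: it builds the modified EUI-64 address that embeds a MAC and audits a list of addresses for ones that still expose one. The prefix, MAC and sample addresses are constructed (documentation prefix 2001:db8::/64).

```python
import ipaddress


def eui64_address(prefix, mac):
    """Build the autoconfigured address that embeds `mac` (modified EUI-64)."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("interface identifiers are appended to a /64 prefix")
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit and insert ff:fe in the middle of the MAC.
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]
    return ipaddress.IPv6Address(
        int(net.network_address) | int.from_bytes(iid, "big"))


def embedded_mac(addr):
    """Return the MAC an address appears to embed, or None.

    Heuristic: a randomly generated identifier contains ff:fe at this
    position by chance about once in 65536 addresses.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{x:02x}" for x in mac)


def audit(addresses):
    """Map each address that exposes a hardware address to that MAC."""
    found = {}
    for a in addresses:
        mac = embedded_mac(a)
        if mac is not None:
            found[str(ipaddress.IPv6Address(a))] = mac
    return found


# Constructed sample: one EUI-64 address, one with a randomized identifier
# of the kind the privacy extensions produce.
SAMPLE = [
    str(eui64_address("2001:db8::/64", "00:11:22:33:44:55")),
    "2001:db8::5c3a:9e1f:7b20:d4c6",
]

if __name__ == "__main__":
    for addr, mac in audit(SAMPLE).items():
        print(f"{addr} exposes MAC {mac}")
```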
That's the way it's used now, but that's not what it used to mean. No big deal, though, it's like the word "hackers", it evolved, and we just have to deal with it. :)
Not entirely correct, historically it meant an exploit that was discovered by the vendor by the fact that it was being exploited. Meaning, they had zero days to develop a patch.
So if, for example, someone reported this to Adobe previously, and Adobe hadn't fixed it yet, then it isn't a zero day exploit. If Adobe only found out about the vulnerability because people were exploiting it, it was a zero day vulnerability.
Which might be what you were saying, but it didn't come out unambiguously that way. :)
If your work and home have wifi, you'll likely be below 200MB per month.
Nonsense. For instance, some of us stream Pandora while driving, or riding the train. There are plenty of us who are places other than work and home for significant periods of time.
No, he doesn't.
He offers testimony, and answers questions about that testimony. That's it.
Your freeways have lights?
I live in Breezewood, you insensitive clod!
(Actually, no I don't, but such an opportunity to make a road geek joke shouldn't go unused...)
If the cop wants to challenge the validity of it, he can certainly do that on cross examination
No, no, no, no, no. If a cop ever tries this, immediately object.
The cop is a WITNESS, not a prosecutor. He is there to offer testimony and answer questions, not prosecute a case.
It is up to the judge, or the prosecutor if there is one, to question your evidence.
By asking "Do you have any idea how fast you were going?" and hoping for an incriminating response!
Last time I got stopped in the mid-70's, I had to bite my tongue to not reply: "Oh, about Mach 0.1"
You pay taxes to pay for highways, schools, cops, fire departments,
These examples are the first trotted out whenever someone complains about taxation in the U.S. So please, pray tell, what percentage of my taxes go to "highways, schools, cops, and fire departments"? And assuming there is no waste in those four (A ridiculous assumption, I might add), may we please complain about waste in the rest of government?
Fifth amendment not to testify? Well, isn't the next step to start a criminal investigation against all of these people, including all of the top management in all of the companies involved?
The fifth amendment exists to protect the innocent, not the guilty. It's probably the smartest thing someone could do if called to testify in front of Congress for something like this, particularly if they aren't guilty of any wrongdoing.
Personally, I don't really care, as long as by the time it's time to move, you have it back on. I myself don't shut down my engine anywhere unless I'm willing to leave it sitting right where it is while I try to figure out why it won't start back up, when such an inevitable eventuality should occur.
Wow. Just, wow. I had no idea how off the deep end (offer the deeper end?) PETA had gotten.
I started to use their contact form for the fish and wildlife service, having replaced their pre-filled text with the phrase "PETA has gone off the deep end". Then I noticed who it is being sent to on my behalf: Sam D. Hamilton. Hmm, wonder who that is, I pondered. Have a look:
"Sam D. Hamilton dead at 54; U.S. fish and wildlife director"
Oh, well. I guess I'll have to figure out another way to entertain myself on a Friday night.
HATE when people talk on a damn cell phone when talking to people trying to help them at a store or restaurant or something. It's just amazingly rude.
It depends on the context. I had to stop by the security building at work one day, while on a work related conference call, and the security guard refused to assist me until I hung up the phone.
Understand, of course, what I needed from him required essentially no interaction, and I made a point of rotating the phone back to indicate I was only passively listening and I could converse if he needed to ask me anything.
I was in a place of business, conducting business, and getting multiple things done simultaneously, which saved taxpayers money. It was not his concern what else I was doing, as long as he could accomplish the task that he was being paid to accomplish.
Now, had I been at a nice restaurant and gabbing on and on with someone when the waiter showed up, he would have been well within reason to ask me to hang up (or even leave).
It's all about context and appropriateness.
(I wrote up a nice complaint letter, but I decided to let it drop, wasn't worth fighting over. And I had been told that lots of people had complained about this guy being a jerk, and apparently nothing was done anyway.)
You don't keep your phones long enough. My own iPhone is about a year and a half old, and already has a significantly reduced battery capacity. It sure won't last the 3-4 years I'd expect it to last (I spent 300 bucks on the thing, I'm sure not replacing it every 2 years, even 3 is pretty short.)
And you're insane if you're saying "Oh, it's no big deal to replace the battery in your iPhone."
It requires prying gently with a spudger (Sure, everyone has one of those), a freaking *soldering iron*... Right. That's a perfectly user serviceable battery. Maybe for someone like you or me, who are handy with a soldering iron. But not to the extent that it's plausible to say that the battery is "replaceable".
I just don't see the non-replaceable battery as an issue.
Until the battery stops holding a charge.
I know a guy who works for an agribusiness. I asked him about this last summer. He shrugged and said that for every Roundup product out there, there was another waiting for the first to become ineffective. In fact, it almost makes business sense, that once the patents start expiring, the weeds become resistant and it doesn't matter anymore anyway. Cue the next product in the queue of products, Profit!
No need to gown up. You can see pretty much everything from the viewing area on the second floor of Building 7.
Yes, I know, but something about the human spirit makes seeing it from the other side of the glass not quite as enjoyable as in person.
As long as you are a US citizen, your friends can badge you in at the front gate.
I'm not leaving the agency, just GSFC. I was, in fact, invited back next year when more interesting parts have been accumulated.
My last day at Goddard Space Flight Center was yesterday. (almost 10 years!) I finally got around to getting a friend to give me a tour of the Spacecraft Systems Design and Integration Facility, where I got to see JWST parts in the clean room. (heh, 20 minutes of gowning procedures for a 10 minute trip into the clean room.) Very, very cool. Gonna miss that place.
I'm pretty sure I'm going to follow JWST a lot more heavily now, too many friends are involved in it to ignore it as I have been.
(Sadly, for what were apparently ITAR reasons I couldn't get pictures.)
Michelin and Goodyear are teaming up to produce a series of PSAs aimed at getting young people to increase the rate at which they burn tires.
Nah, that's old news.
We looked at building our own PC based boxes to do it. It all came down to the fact that the cards couldn't really push the speeds.
Hmmm? I'm doing 10 gigabit line rate on a couple of Dell R710's with nehalems in them. In fact, I can do line rate speed across several interfaces simultaneously. I assure you that you can do gigabit line speed with a reasonably recent off the shelf PC, and an e1000 or similar.
I have to say he did an amazing job at the end of Trek II... The way he did Spock's funeral. The talk with Carol. "You ask me how I feel? Old. Worn out." He really did have the ability to act.
I have to say, personally, that his wry, "meh, whatever" attitude in the later films actually contributed to the Kirk character fairly well. He has a great ability to deliver one-liners. Like in V: "Other ships, yes. But no experienced captains. I need Jim Kirk." Shatner's "oh, please" reply was priceless. His "We volunteered?!" to Spock in VI.
Maybe on the whole, if someone else had been cast as Kirk, the character would have worked far better. But the Shat did a pretty decent job, if you ask me.
Richard Jewell, anyone?
My mom has read the obits for years. She works at an outpatient specialty clinic, and she reads it to see which of their patients died. I always found it kind of creepy, but the database integrity geek in me is proud of her. :)