Because she was careless and didn't leave a paper trail. If she were actually brilliant, like most corporate CEOs and similar officers, she would have used an official email account for the day to day bullshit, a personal account for the slightly suggestive, and a very secure account / dead drop / sneakernet system for the blatantly illegal.
I'm going to sound sexist, but every intellectually smart man of power I have met operates in exactly this fashion.
I don't remember this plot arc nuance in season 3 of House of Cards. Did I miss something?
This. Also, a more database like filesystem, like Longhorn was to have, and somewhat along the lines of how Windows Vista/7/8/10 handle metadata gathering on libraries.
Windows already handles the problem correctly. UAC lets you know when a file is trying to run in an executable manner. Android is similarly good about handling APKs.
File extensions need to go away (but remain for legacy systems) and be replaced with filesystem metadata which controls access and execution. In a way, it opens the door for two-part malware, a registered system extension for a given file type, and an otherwise unknown filetype metadata (e.g. .FLV / flash-video-meta-file-type and Flash player) which together work in concert to deliver the malicious cargo.
Well, all of the other LIGO detectors have been worthless due to errant signal sources like UPS trucks and natural tremors. I love physics and good experiments, but the LIGO model is a bad one unless you put it on the Antarctic or moon.
Overclocking is no longer a stability taboo for the tinkerers to get their hands into. The barrier to overclocking used to be BIOS settings, jumpers, or specialized 3rd party software.
It makes sense that the driver package enabled overclocking should be a feature the manufacturer has control over. It's senseless and stupid to overclock a notebook GPU in the first place.
nVidia probably started getting calls from one of the OEMs like Dell or HP showing that many expensive warranty replacements were tracked down to GPU thermal issues. At that point they end up in a bad situation with the OEM because the customer has long gone with the replacement hardware and it is difficult to pin the blame on them when they are going to plead ignorance. An overheating GPU probably means a complete replacement of the motherboard and CPU, possibly even RAM and SSD on boards where all of that is integrated and soldered direct to a single system board. In some situations it could be melting plastic housings and causing battery failure. That's a lot of wasted product because some idiot wanted to run Minecraft a few FPS higher.
"Things you can't have because others are too stupid for $400, Alex"
It's called a bell curve. If you expect excellence at any vocation, you're only going to find about 20% of the area under the curve meets expectations. Competence probably only covers 40-60% of the curve in many industries.
Unfortunately, there isn't a good way to filter and remove the bottom 20-30% who shouldn't be working in their given industry. If we could, it would cause massive efficiency improvements worldwide, but we would probably end up with a nice chunk of the bottom 20% being unemployable due to their incompetence being a global personal property rather than isolated to just what they do today. Basically, accepting the incompetent in the workplace is an alternate form of welfare.
Well, the best defense to a swarm of drones is a swarm of vastly greater numbers of smaller, cheaper drones, likely with lower range. I guess buckshot more or less is collapsing that escalation towards the end-game.
Now, self-guided droneshot... that's the ticket.
Commercial insurance, yes. Licensure, perhaps. And their employers should be covering the cost. Pizza places should be providing vehicles for the amount of wear and tear all those short trips cause to a car. It's scam employment at its finest. Pay someone under minimum wage on the basis of tips, then dump the costs of doing business (gas, car maintenance, insurance) on them as if they were a contractor (also not particularly legal).
Parents who let their high school kids get a job delivering pizza instead of flipping burgers or digging ditches are incredibly ignorant and part of the problem.
I am usually extremely against extradition to foreign countries for minor legal infractions, but can Australia go ahead and grab all of the Uber corporate HQ employees under whatever equivalent to RICO, obstruction, and similar organized crime laws they have.
We know Uber is an illegal taxi service in many (most?) jurisdictions in which they operate. I hope that these actions are of a scale and deliberateness to go ahead and start hitting them with the bigger crime laws since most governments have been hesitant to attack the head.
Mostly helping the hack job security companies have yet another dumb toy to trot out during demos and pentesting.
I work in corporate environments. You're still well within the range of physical proximity attacks. Acoustic keyboard analysis works on both wired and wireless keyboards. Wired keyboards are still subject to, and perhaps even easier to listen into their EMR characteristics.
A younger generation would be better served by a general understanding of EMR, more specifically the fundamental physics of electricity, inductance, and RF. Understanding the general underlying principles from the science side, then the security side, and one needs no introduction to such attack vectors. They are natural results of knowledge.
Articles on new security breaking or testing devices never make sense from the perspective of why is this interesting. Another device that uses pretty vanilla methods to accomplish a trivial but scary sounding task. If it requires physical access or certain proximity, it's not novel, it's just a rehash of known methods for compromising devices not designed to be secure in the first place.
Hardware keyboard loggers have been around since the 80's. Now because this one does it over unlicensed RF, that makes it interesting? No. Sniffing RF keyboards has been done for nearly 10 years now.
And this one wastes the power of an Arduino when nothing remotely that sophisticated is required. Oh, I get it, buzzwords. Why didn't they use a Raspberry Pi hooked up to the Arduino to upload the sniffing over Wifi and provide remote control? That has way more script kiddie / proto-board masher street cred.
If we're going to go all TEMPEST then they should try to grab video output from RF as well.
Computationally, running a car engine is trivial for a Raspberry Pi. Early EFI used processors in the kHz range and even current ECUs like Megasquirt use 16 bit 50 or 100 MHz processors.
Fuel injection and spark events only occur at the 10s of Hz scale (topping out at around 60 each per second). Even if you handle cam phasing and MAF sampling at 100 times that interval, you're still within the computational work load of a couple dozen MHz of instructions.
The research is only interesting because they are taking advantage of way overspecced processing power to approach combustion more granularly per event and trying to learn from each one and control the next. It only got press here because they used Linux (anything production grade would use QNX or similar).
The expensive part of an ECU isn't the processor. It is supporting circuitry to tolerate lots of EMI noise, varying supply voltages, and lastly, driving fuel injectors (they're actually a PITA because of voltage / current / pulsing).
If they really want to get ambitious, their system will learn the exact intake geometry effects (intake asymmetry), individual injector flow characteristics, and cylinder geometry (build up, hot spots) and thermal trends just by watching I/O.
Where I am (TX), it is very easy for 2 years at a CC to knock out 2 years at a university. The trick is to take everything from the common core, and get the correct list either from the CC or the possible university choices of what courses to take that transfer most directly towards the chosen major. One other reason 2 years at a CC frequently doesn't knock off 2 years at university is that many times students are taking catch-up classes that freshmen at a university wouldn't take. For example, I had been out of school for around 10 years and decided I should take Trigonometry at the CC before taking Calculus 1 at the university. None of the on-time freshmen for the major I was pursuing started at less than Calculus 1 their first semester.
If one doesn't know what to ask as far as course load from the CC, they will usually put you in a few of the catch-up type classes of material you should have from high school because of the sheer number of students they have which need them.
It is all about planning.
The federal school loan program is turning out to be a wildly profitable new tax program for the federal government. The loans are exempt from bankruptcy and are typically $40+k per student.
It's incredibly affordable with the amount of federal, state, and county money already subsidizing community colleges to pick up the last 5-10%. This is more likely a program to entice mediocrity into buying into federal school loans for universities after 2 years at the community college level. The GPA requirement is clearly a troll move unless we're going to get honest as a country and start making the 2.5-3 range GPA kids take trades classes at the community college.
Even worse, by making the 2 years free, many students will be skating by on a lot of electives and "fun" classes which will keep them in the perpetual life student mindset. This is the same error that came with making parents responsible for their children's health insurance until they are 25.
Lastly, this is finally saying that the K-12 system is broken and we're not going to fix it. What better way to say that a HS diploma is worthless than making an Associate's degree a freebie.
If you want to incentivize hard work, pay for the last year at a university for students who finish "on time" in 4-4.5 years.
As an IT guy not currently fit enough for military service, I completely agree with basic combat training. I have a lot of respect for the military and wouldn't want to join if I couldn't physically back up fellow troops in a pinch.
If there are technicians important for military support and technology missions, they can be part of a civilian group or one of the various security services like the NSA or CIA which does not have operational combat requirements for all members.
Between TOR and Bitcoin, you would think these things were designed by security services like the NSA or GCHQ. TOR is slow, onerous, and never provided reliable anonymity. If anything, the low network throughput was part of the design to slow the dissemination of large files like government documents and child pornography.
Bitcoin is only anonymous while the exchanges hide your identity. Rather than actually anonymizing transfers, Bitcoin is the ultimate currency tracking tool, leaving a user identifiable trace on every transaction. It literally leaves a trace where law enforcement can say that a $20 drug purchase was funneled to buy guns for organized crime. Further, Bitcoin looks more like a large scale generator for encryption cracking rainbow tables.
Besides the darknet lurkers and delusionally paranoid journalists (ahem Dan Goodin), TOR never has found use for anything legitimate, it's all just drugs, porn, and bad tin foil hat literature. Even Bittorrent has reasonable use cases (works great for backing up very large files from point A to B on a one time basis).
This is because when Google first rolled out search of Google Videos and then YouTube (shortly post acquisition) the search keywords and phrases were only the title and keywords / phrases that Google search experts added by hand for top viewed and educational videos.
Since then, I understand that speech to text, author tags, and discussion comments all factor into the keyword pool. The pool is polluted as well as an active target for SEO schmucks. They also need to get rid of the thumbs up / down moderation and go to at least a 5 point scale. I wish more in meta-moderation was being done to identify "good evaluators" and let their scores and tagging carry stronger weight or be a sort criterion of its own. The only usable system like this so far seems to be Rotten Tomatoes.
Another issue is the fact that view counts are all that matter for ad revenue to uploaders. This has left subject areas with few people producing video content as easy pickings for low production value tripe. About the only areas with enough competition and/or ethics to produce good production value seem to be gaming and hardware reviews and science education.
I've said it before, and I will say it again. Make people upload source video with separate audio tracks for original content, verbal commentary (over dubs), and added music / SFX. I am so f'ing sick of having to listen to some idiot's crap choice in music to watch an instructional or useful video. Even worse when I can't hear the explanation over the music track.
I am almost completely fine with the MPAA / ASCAP / etc. pulling videos with music tracks under DMCA if it would teach amateurs to stop adding soundtracks to otherwise useful or entertaining content.
Privacy, copyright, resolution, and control issues aside, it seems like Facebook currently has the best software for collecting, cataloging, and tagging images. The facial recognition in Facebook is even excellent, automatically suggesting to tag friends accurately in poorly lit, blurry shots. The timeline, album, and geographical features are great, with the biggest weakness usually being bandwidth to sync a large bulk of photos in one go.
I am certainly not suggesting he use Facebook, quite the opposite. I'm saying that commercial standalone software should try to be as good and easy to use as Facebook and similar like Google+.
Android is an objectively bad OS. It's designed for mobile devices and commits the great sin of failing to be parsimonious with computing resources.
I am a current Android user (Galaxy S4) and have always championed it over iPhone due to the greater device control and options. I'm getting off that train with my next phone purchase. The last nail in the coffin was getting to see a heads up comparison of battery life of HTC One M8 Android vs WP 8. Previously it was easy to dismiss WP 8's battery life on underpowered CPUs and lots of crazy tweaks by Nokia engineers. Now the truth is out, that Android is just a sluggish OS due to poor optimization and the ignorant insistence of using scripting language / virtualized code everywhere instead of compiling for the target.
I have an earlier model G35, and as much as I would like to have the push button start option, I fear exactly that. So far I think only a couple members of a local club have had to deal with it, though I hear it is more prevalent with some of the SUVs.
This does coincide with the BMW and similar thefts due to remote hacking. It's unacceptable and either the manufacturers should be footing the bill directly or paying an underwriter to take responsibility for security mistakes.
I should clarify that although all of my examples stem from the perspective of consumer devices in the home, they should equally apply to the implementation of industrial, infrastructure, and similar commercial systems.
This is all fine and dandy as long as a few simple requirements are well understood by the technology implementers.
1) Legal liability for appliances and their cock ups is handled in much the same way as it is now.
If my toaster starts a fire and burns down my house, the insurance cuts me a check immediately while they handle the legal battle with GE (toaster manufacturer) and UL (Underwriters Laboratory who signed off on the device safety). The same legal protections for technology in appliances should be in effect. If my dishwasher gets malware (or just includes it by default) and causes my refrigerator to stop working and spoil my food, the insurance cuts me a check for my losses and to replace the defective appliances, and handles the legal issues.
2) Device interoperability needs to be as easy as antiquated analog systems.
You could hook up a TV with RCA or coax connections and be watching off a VCR or DVD player in minutes. It's ridiculous that HDMI is rarely so straightforward (it occasionally works this simply). Resolution, aspect ratio, audio stream selection, and DRM phone home setup is retarded.
3) Pick a device class to be the central hub, management, and gatekeeper. I suggest home wifi routers or a cheap, simple network bridge device.
4) Full control of permissions and actions by devices with simple to understand language.
If I don't want my washing machine downloading ads for Tide and Purex, it better f---ing not download ads. Same goes for usage tracking uploads.
5) Power usage should not significantly go up. If anything, connected devices should be able to lend clues as to how little changes can make my home greener and/or lower utility bills. Example: washing machine suggests running wash cycle at 8 PM to get out of peak usage billing. It sends me an SMS if I select, to let me know to put the clothes into the dryer.
6) Device electronics / control should be isolated to prevent the additional complication from increasing failure rate.
It's stupid, bad engineering that the more features a home appliance has, i.e. the more premium it is, the more consumers see failures. If the toaster can't get online, it better still make my toast when I press the button.
Not to mention the frequency where customers realized they are / were getting way overcharged for the amount of code they essentially purchased.
It is interesting to see Agile + managed hosting / development / support become popular for software products in niche markets where a new version every 5 years would cover every use case. At the same time those niches are severely disrupted as soon as a competing product enters the marketplace.