No. You are wrong. And you should NOT be shocked. Amazon would indeed rush this out without sufficient testing -- even without the motive of a grab for more cash. A more important concern you should have is whether Amazon has these people insured and/or bonded. Can access to your house be obtained by hacking Amazon or something the delivery person has? So do not assume the idea is well thought out, nor that even more security flaws won't be found.
Some people only allow in housekeepers while they are home. Others may interview housekeepers first before giving them a key, and insisting on the housekeeper being insured and/or bonded. The housekeeper probably has access to a very limited number of homes compared to an Amazon / FedEd / UPS / etc delivery boy. Having some kind of "master key" to a large number of homes gives the feeling of being less likely to get caught.
As for babysitters, you are entrusting them with the care of another human(s), which is a much higher level of trust than with your home. Interviews. Background checks. Etc.
With a housekeeper / babysitter, if you are burglarized, it is easier for police to investigate a very small pool of potential burglars. With an Amazon Key, how many people potentially had access to that key?
With a known babysitter / housekeeper, hacking is probably not a likely way to get into your home. With an Amazon key, you are less sure about how many people have or can gain access to your home. (No matter what Amazon says.)
I think what you mean by Trump level stupid, is that this guy, like Trump, undermines his own interests by bragging about what he has done and gotten away with.
Although I will agree it is Trump level stupid, this particular kind of stupid is actually a fairly common type of dumb criminal stupid.
Having your name on buildings, millions of dollars, and getting elected president are not mutually exclusive with being stupid.
Yes. He IS stupid.
As well as a sexist, racist, pig, loud mouth, bully, orange clown.
None of those things exclude any of the others. It is possible to be rich and stupid. Famous and stupid. President and stupid. (How many stupid politicians are there do you think?)
Trump cannot speak in complete sentences. He cannot complete a thought, unless he is reading what someone else wrote.
Now, I'm not trying to say any of the above in anger. It's just a fact. You can disagree with any set of items in the above as applying to Trump. Fine. But nothing precludes them from all potentially being true, in principle.
OS X didn't run on my thousands of dollars of hardware. Two PowerMac 7600 and one PowerMac 7500.
If I was going to have to invest in all new hardware:
1. PC hardware is cheaper for a given performance level
2. More readily available
3. More competitive -- from multiple vendors, not just Apple
4. And Apple abandoned me just at a time when I was studying Linux and considering trying it. Apple just gave me the push I needed to venture into the scary world of PC hardware.
Yep. I went from Mac Classic with MPW to Linux. Because OS X was not classic enough to run on my expensive hardware requiring new expensive hardware. But it doesn't matter. For some years, I didn't have any ill will towards Apple. I fondly remembered them from the 80's and 90's when I was a card carrying Mac fanboy and developer. By the time of the iPhone, the company was not the same Apple anymore. By 2009 I actively hated them because I was into Android (which was a good move). Now Apple is nothing but expensive boutique computers that aren't even that good. Back in the day, Apple was a technology leader. Today, it is all about "design" and "fashion". Form over Function. And it shows. And the snobbery of today's Apple fanboys just confirms my bias. Hope that helps clarify.
> The government does not spend nearly enough tax money on scientific research
Why should the government spend money on science when we have the Great Orange One to give us all the answers. Even worse, those scientists do not even agree with the answers.
Here is an example of REAL leadershipness:
> "Why should we subsidize intellectual curiosity?" -Ronald Reagan
Then . . .
> Yes, we need more science.
We don't need no steenkin' science. It takes away time that could be spent on Twitter.
That's not a bad idea. And I have plenty of capacity available to play with VMs. That said, committing to it on physical hardware is a major commitment.
I started with SuSE 5.3 in about summer 1999. As Apple completely abandoned me with OS X, I began my migration from Mac classic to Linux. I had some AMD Athlon processor and 256 MB RAM at the time. It was my first PC and I was very unfamiliar with PC hardware -- being a Mac (classic) guy at the time.
I was a KDE lover back in the early 2000's. Until KDE 4. I had no choice but to switch to a desktop that actually worked, even if not as nice as KDE. Now, more than a decade later, I sometimes think of trying KDE again. Looking back fondly to KDE 3. How integrated everything seemed. But I just can't get over the inertia to even give it a try.
Now one of my favorite distros, Mint, that was the one that might have let me dip my toes into the waters of KDE, is abandoning KDE. Oh, well. It was nice knowing KDE. Like Apple back in its heyday (I mean the 1980's and early 90's) it was great. But things change.
Maybe the Linux "Desktop" came in a form that nobody recognized.
While there are plenty who use an actual Linux Desktop, it is also a fact that Linux based systems vastly outnumber Windows to the point that Windows is really the strange incompatible orphan child. No wonder Microsoft's efforts to embrace open source and Linux in the last few years. The efforts to force everyone into Windows 10 subscription model is an admission that the monopoly desktop model is at an end.
Chromebooks have outsold Windows laptops on Amazon for years and years now.
Most people only need phones and tablets -- the vast overwhelming majority of which run . . . Linux.
While Microsoft has a solid business with its enterprise software, if they don't screw it up, it seems like their other efforts are to keep from falling into irrelevance. Linux owns the cloud space. Linux owns IoT. Everything from set top boxes to wristwatches to thermostats, digital cameras, car infotainment systems, so called "smart" TVs, and on and on and on. A mere 99% of supercomputers run Linux. The open source model has produced more software that is freely available for everyone else to use, instead of the locked up proprietary model, that it is no wonder Microsoft is starting to embrace this model.
Maybe the Linux "Desktop" came and nobody noticed.
If you can't do any better, such as collect entropy from something, then at least use the least significant bits of the date / time stamp. Most systems have a clock with milliseconds resolution. Even if you only have a clock with seconds resolution, that is better than a hard coded number. Even if the clock hasn't been set by the user. It accumulates time from that blinking 12:00:00 AM that it initially started at.
But there are plenty of things you could use. Timestamps of all incoming events, such as keystrokes, moose movements, memory usage, cpu usage and / or temp, etc that have a few bits you could mix into your PRNG seed. And even one bit matters.
I think it is an accident to call it "Don't Use Hard-coded Keys".
How about using Seeds instead of Keys. Since the actual problem is using a hard coded random number generator seed. Not a hard coded crypto key. Although I suppose a hardcoded PRNG seed results in effectively a hard coded key as well.
While the mis-naming may be an accident, the actual problem may not be an accident. TLAs are always looking for ways to compromise systems while leaving us with a false sense of security.
Microsoft sees that the model of monopoly pricing of software is at an end. It has to look to new ways of getting revenue. Look at the shiny business model of selling your personal information used by Google and FaceTwit!
Of course, Microsoft's enterprise software has a decent future, if they don't screw it up. But nothing like Microsoft's glory days with no viable alternative platforms and when an outrageously priced software license was like a small tax on very expensive hardware. Today, a $30 software license is the elephant in the room on a $180 hardware item. (like a chromebook, as an example)
> It's too quiet. How can pedestrians keep being absorbed in their smartphones if you can't hear traffic anymore over the music you're playing on your headphones?
What do you mean "how can"? The quietness of these sleek trucks does not inhibit pedestrians from being absorbed in their smartphones. (Not necessarily absorbed listening to music.)
As for listening to music with headphones and being unable to hear traffic. Either turn down, or turn off the music, or become a nominee for the prestigious and coveted Darwin Award.
A Flash player implemented entirely in JavaScript would be not only very interesting but also way cold. However it would only be useful for legacy applications. Not desirable for new applications where you can simply write your app directly for the advanced capabilities of modern browsers. But, thanks for pointing that out.
Slashdot Mirror
No. You are wrong. And you should NOT be shocked. Amazon would indeed rush this out without sufficient testing -- even without the motive of a grab for more cash. A more important concern you should have is whether Amazon has these people insured and/or bonded. Can access to your house be obtained by hacking Amazon or something the delivery person has? So do not assume the idea is well thought out, nor that even more security flaws won't be found.
Your unsecured Amazon camera is probably already accessible to people who really want to access it.
Some people only allow in housekeepers while they are home. Others may interview housekeepers first before giving them a key, and insisting on the housekeeper being insured and/or bonded. The housekeeper probably has access to a very limited number of homes compared to an Amazon / FedEd / UPS / etc delivery boy. Having some kind of "master key" to a large number of homes gives the feeling of being less likely to get caught.
As for babysitters, you are entrusting them with the care of another human(s), which is a much higher level of trust than with your home. Interviews. Background checks. Etc.
With a housekeeper / babysitter, if you are burglarized, it is easier for police to investigate a very small pool of potential burglars. With an Amazon Key, how many people potentially had access to that key?
With a known babysitter / housekeeper, hacking is probably not a likely way to get into your home. With an Amazon key, you are less sure about how many people have or can gain access to your home. (No matter what Amazon says.)
Wouldn't millennials be playing video games at work instead of watching Netflix?
> What kind of jobs have these people got where you can watch TV series while working?
The easiest job in the world:
Donald Trump's Fact Checker.
> Sounds like a whole lot of IT departments need to set up some egress filtering...
Yes. People should not be watching Netflix at work when they should be watching pr0n instead.
I don't want an advertisement.
I want the article to be 1 page. And it should be mostly pictures.
Just like national intelligence briefings.
I think what you mean by Trump level stupid, is that this guy, like Trump, undermines his own interests by bragging about what he has done and gotten away with.
Although I will agree it is Trump level stupid, this particular kind of stupid is actually a fairly common type of dumb criminal stupid.
Having your name on buildings, millions of dollars, and getting elected president are not mutually exclusive with being stupid.
Yes. He IS stupid.
As well as a sexist, racist, pig, loud mouth, bully, orange clown.
None of those things exclude any of the others. It is possible to be rich and stupid. Famous and stupid. President and stupid. (How many stupid politicians are there do you think?)
Trump cannot speak in complete sentences. He cannot complete a thought, unless he is reading what someone else wrote.
Now, I'm not trying to say any of the above in anger. It's just a fact. You can disagree with any set of items in the above as applying to Trump. Fine. But nothing precludes them from all potentially being true, in principle.
The levels of stupid of that guy are monumental.
It seems like he wanted to be caught as many different ways as possible.
From TFA:
> “There have been many hypotheses about the pyramid, but no one even
> imagined that such a big void is located above the Grand Gallery.”
Shouldn't that be long void?
long void is to void as long int is to int.
C'mon guys. Let's have consistency on this.
See my post directly above that I cannot cite a source for that.
I can't cite a source for that. So I will concede that point.
OS X didn't run on my thousands of dollars of hardware. Two PowerMac 7600 and one PowerMac 7500.
If I was going to have to invest in all new hardware:
1. PC hardware is cheaper for a given performance level
2. More readily available
3. More competitive -- from multiple vendors, not just Apple
4. And Apple abandoned me just at a time when I was studying Linux and considering trying it. Apple just gave me the push I needed to venture into the scary world of PC hardware.
Yep. I went from Mac Classic with MPW to Linux. Because OS X was not classic enough to run on my expensive hardware requiring new expensive hardware. But it doesn't matter. For some years, I didn't have any ill will towards Apple. I fondly remembered them from the 80's and 90's when I was a card carrying Mac fanboy and developer. By the time of the iPhone, the company was not the same Apple anymore. By 2009 I actively hated them because I was into Android (which was a good move). Now Apple is nothing but expensive boutique computers that aren't even that good. Back in the day, Apple was a technology leader. Today, it is all about "design" and "fashion". Form over Function. And it shows. And the snobbery of today's Apple fanboys just confirms my bias. Hope that helps clarify.
/Sarcasm On
/Sarcasm Off
> The government does not spend nearly enough tax money on scientific research
Why should the government spend money on science when we have the Great Orange One to give us all the answers. Even worse, those scientists do not even agree with the answers.
Here is an example of REAL leadershipness:
> "Why should we subsidize intellectual curiosity?" -Ronald Reagan
Then . . .
> Yes, we need more science.
We don't need no steenkin' science. It takes away time that could be spent on Twitter.
That's not a bad idea. And I have plenty of capacity available to play with VMs. That said, committing to it on physical hardware is a major commitment.
I started with SuSE 5.3 in about summer 1999. As Apple completely abandoned me with OS X, I began my migration from Mac classic to Linux. I had some AMD Athlon processor and 256 MB RAM at the time. It was my first PC and I was very unfamiliar with PC hardware -- being a Mac (classic) guy at the time.
I was a KDE lover back in the early 2000's. Until KDE 4. I had no choice but to switch to a desktop that actually worked, even if not as nice as KDE. Now, more than a decade later, I sometimes think of trying KDE again. Looking back fondly to KDE 3. How integrated everything seemed. But I just can't get over the inertia to even give it a try.
Now one of my favorite distros, Mint, that was the one that might have let me dip my toes into the waters of KDE, is abandoning KDE. Oh, well. It was nice knowing KDE. Like Apple back in its heyday (I mean the 1980's and early 90's) it was great. But things change.
Maybe the Linux "Desktop" came in a form that nobody recognized.
While there are plenty who use an actual Linux Desktop, it is also a fact that Linux based systems vastly outnumber Windows to the point that Windows is really the strange incompatible orphan child. No wonder Microsoft's efforts to embrace open source and Linux in the last few years. The efforts to force everyone into Windows 10 subscription model is an admission that the monopoly desktop model is at an end.
Chromebooks have outsold Windows laptops on Amazon for years and years now.
Most people only need phones and tablets -- the vast overwhelming majority of which run . . . Linux.
While Microsoft has a solid business with its enterprise software, if they don't screw it up, it seems like their other efforts are to keep from falling into irrelevance. Linux owns the cloud space. Linux owns IoT. Everything from set top boxes to wristwatches to thermostats, digital cameras, car infotainment systems, so called "smart" TVs, and on and on and on. A mere 99% of supercomputers run Linux. The open source model has produced more software that is freely available for everyone else to use, instead of the locked up proprietary model, that it is no wonder Microsoft is starting to embrace this model.
Maybe the Linux "Desktop" came and nobody noticed.
If you can't do any better, such as collect entropy from something, then at least use the least significant bits of the date / time stamp. Most systems have a clock with milliseconds resolution. Even if you only have a clock with seconds resolution, that is better than a hard coded number. Even if the clock hasn't been set by the user. It accumulates time from that blinking 12:00:00 AM that it initially started at.
But there are plenty of things you could use. Timestamps of all incoming events, such as keystrokes, moose movements, memory usage, cpu usage and / or temp, etc that have a few bits you could mix into your PRNG seed. And even one bit matters.
I think it is an accident to call it "Don't Use Hard-coded Keys".
How about using Seeds instead of Keys. Since the actual problem is using a hard coded random number generator seed. Not a hard coded crypto key. Although I suppose a hardcoded PRNG seed results in effectively a hard coded key as well.
While the mis-naming may be an accident, the actual problem may not be an accident. TLAs are always looking for ways to compromise systems while leaving us with a false sense of security.
Cremation? But what about the Resurrection?
Also, to point out, the reason a corpse is cremated in a casket is so that there are some ashes to put in the urn.
Microsoft sees that the model of monopoly pricing of software is at an end. It has to look to new ways of getting revenue. Look at the shiny business model of selling your personal information used by Google and FaceTwit!
Of course, Microsoft's enterprise software has a decent future, if they don't screw it up. But nothing like Microsoft's glory days with no viable alternative platforms and when an outrageously priced software license was like a small tax on very expensive hardware. Today, a $30 software license is the elephant in the room on a $180 hardware item. (like a chromebook, as an example)
> It's too quiet. How can pedestrians keep being absorbed in their smartphones if you can't hear traffic anymore over the music you're playing on your headphones?
What do you mean "how can"? The quietness of these sleek trucks does not inhibit pedestrians from being absorbed in their smartphones. (Not necessarily absorbed listening to music.)
As for listening to music with headphones and being unable to hear traffic. Either turn down, or turn off the music, or become a nominee for the prestigious and coveted Darwin Award.
A Flash player implemented entirely in JavaScript would be not only very interesting but also way cold. However it would only be useful for legacy applications. Not desirable for new applications where you can simply write your app directly for the advanced capabilities of modern browsers. But, thanks for pointing that out.