I'm in agreement here. I predict that autonomous driving will lead to less automotive deaths and injuries by SEVERAL orders of magnitude over "biological driving software" as you put it. It's not if, but when.
Humans are too easy distracted, or unfit to drive (DUI, etc.), or just stuck with too many dumb, aggressive habits.
Will autonomous driving still lead to some accidents and deaths? Sure. The circumstances in which autonomous driving fails are different than when humans fail. But software will continue to be revised and outlier exceptions handled better.
It's happening quicker than I ever thought possible. In the meantime, I'll be keeping my hands on the wheel for quite a while longer...
Sorry, I think the middle of the lake is a great idea. You can't fix stupid - I'd rather just have stupid railing on about the center of a lake than bothering the police with their ramblings. (Again, preferable if the lake is public accessible)
It could be a learning experience - when one googles around and sees the location of some suspicious activity as the center of a lake - it might lead one to think "hmm is this reasonable..."
My read is actually the MaxMind CEO is acting fairly reasonably in working towards a solution. His firm had no malintent and worked reasonably in trying to solve both the problems in the US, and now the one in this article.
The first pass attempt at a fix in the US - moving the geographical center of the US to the middle of a lake (which I think is a great idea, BTW) resulted in a further lawsuit from the property owners of the lake. Which was settled. I think this was all a reasonable solution by all parties.
We should encourage this sort of response by companies, not demonize them. As opposed to the often relied on solution by companies when exposed to these sorts of problems - a shoulder shrug perhaps, if the problem is even acknowledged at all.
As a hardware designer, it's an interesting idea to think of attack vectors through "NO STUFF" parts of the BOM. Most PCBs have "NO STUFF" parts of some sort - either for legacy or prototyping reasons.
The idea of some nefarious third party reverse engineering a "NO STUFF" and forming an attack vector with that is well, news to me. I can easily understand a thing like this slipping through a QC check
It would certainly be a difficult attack to construct. But many of todays "software" attacks are quite complicated. Certainly not outside the scope of a state-entity IMHO.
Interesting times in any event, and something to think about.
IANAL, nor do I regularly read legislature bills. But, on my read of the bill, I don't see any teeth to the bill? What are the repercussions for a company for violating this law? Other than setting a more concrete bar for possible civil cases, are there any more repercussions?
dd if=/dev/urandom of=StupidDropbox/crypt.fs bs=4096 count= mk-foo-fs -t foofs StupidDropbox/crypt.fs # Where foo is your favorite encrypted filesystem mkdir StupidDropbox/encrypted mount StupidDropbox/crypt.fs StupidDropbox/encrypted
Make sure your encryption keys are NOT stored anywhere near the dropbox partition. Dropbox will only sync the inner filesystem when it is unmounted. But I've found the Dropbox sync'ing mechanism is quite clever and runs fast. (This might imply a security hole if an attacker has access to various sync deltas. But that's quite a difficult attack IMHO. Caveat emptor, I'm no security expert, blah, blah)
Upsides: Your root filesystem is whatever type you like. Your Dropbox data is encrypted. It still works when they turn off non-ext4 support. Downsides: A little performance (not much - linux loopback devices are quite efficient). Only can access encrypted partitions from other linux-like boxes. And only can mount the encrypted partition (with write privileges) on one system at a time. (As many read -only mounts as you want)
The normal setup is encryption after partition. Meaning dropbox is operating on the unencrypted data. Sure dropbox may re-encrypt on their end (and probably in flight too). But that whole thing is encryption on their terms (Dropbox) not yours. Meaning as strong as they like it, and key-management as they like it.
All the linux encrypted volume stuff is meaningless to the files stored on the Dropbox Cloud.
That said, this decision my Dropbox is troublesome. They have a really good cross-platform product that syncs better than most of the existing solutions. I don't think this a wise decision.
A current (paid) Dropbox user, watching carefully...
Make a QR-code of the SSID/ (long) password. It's a standard QR field. Print it out and have available for anyone in your house to quickly snap, and you're done.
Of course there's readily available QR software for this on the web. But then using a web QR generator requires one upload their password out in the open to a random third party. I recommended a locally run QR generator.
Someone's going to need to translate the likely length of a crack. The quote "that last step could take hours or days" isn't all that helpful.
If we have a WPA2 (max) 63 printable ASCII character random password, is the crackable time of this attack still on the order of "a couple of days"?
i.e. can casual users mitigate this attack by just increasing their WPA2 password length? To what size?
Or is this attack some sort of end-around where the size of the WPA2 ascii key doesn't matter. It's not clear to me, but then again, I'm no security expert either...
The only thing I know about OneNote is it's some bastard of an Microsoft program that keeps leaving "Open Notebook.onetoc2" turds in every directory, on every network drive.
A little googling gives me an idea of what these turds are, and some useless ideas on how to stop them. But in a corporate environment, where potentially hundreds, if not thousands of users have access to some network directories, finding the computer / process/ user that's creating these turds is impossible.
I run a find -exec command occasionally to remove them. Occasionally I replace them with 0-length files. In a spiteful mood, I've replaced them with files of random garbage (hoping to crash whatever's accessing/creating them). They just keep on coming...
Or spending $27 million a year to watch someone throw a ball down a football field... Or spend $15 million a year to watch a hockey player slap a puck... Or millions to send a rocket to space, or to the bottom of the oceans. Or hundreds of thousands to climb a remote mountain peak.....
I mean if people would only spend their money the way I think they should spend it, the world would just be so much better...
Pretty sure the article doesn't conclude "In short, leave the fungus at home". That's way too broad a generalization. (And while I'm not a microbiologist, I don't think even remotely possible).
In any event, who'd want to go to Mars without a good source of one's favorite beverage? Or bread? Beer/Wine/Bread and many other our favorite food and drinks all depend on yeasts, which are in the fungus family.
I sort of came to the same conclusion. I learn well from lectures, but am a poor (or at least very slow) book learner. It all depends on the student and teacher.
One thing from the author's essay caught my attention: He mentioned.. the "incorrect notion of “moving stuff to the other side of the equation,”
Now, it's been a while since I took algebra. Guess I've been doing it wrong. But what's he trying to say with this quote? That quote deserved an explanation in itself.
Yes but defining any new operators only using the constants '4' is trickier. In your case, to make the concat, you broke the rules of the game using "10".
You can completely make up any "new" operator that doesn't follow the rules. And make the game pointless.
Most of these bulk calls this time of year of from my local Congress-critter. Making sure I know to vote for his/her team. Politicians have a way of putting blinders on when it comes to there own bulls**t.
No, can't have those political calls blocked - them's important.
Happened to my kids, and their music. "Hey let's sign up for this new Apple thing for a free 3 months - what's to lose?". Then, all there previous music disappears... Blame siblings for doing something wrong. Yell and berate dad (me), well just because.
Backups? What backups? Everything's in the Cloud dad. They've never purchased a song on any physical media. Probably recognize the term "MP3", but it's equating "mp3" as a file, that can be copied and actually manipulated? That's grandpa talk.
It's a good lesson.
Of course he'll solve his problem another way - getting his "backups" from another source... Teenagers have no dearth of places to grab, *ahem* "free" music. They've no problem paying for it, if it's convenient, and reasonably priced. Now that that's all broken...
The two most influential inventions that affected more people (for the positive), by far, would be indoor plumbing, and vaccines. Could argue either way which one's first.
I concur. VMs, embedded hardware, headless machines- I'm on them all day. And ssh -X is all that I need working for my environment. As long as that works, everything else just is seamless. I think we're not going to see a reduction in VM's. And the number/amount of embedded hardware's only growing.
Now, X certainly has ugly warts. I'm hopeful for what Wayland's offering. This network transparency patch for Wayland sounds like a great start.
I was a sophomore in high school in central Florida. By this time enough launches had gone up that we no longer went outside to see the launches live - they were routine.
Between classes, one of my buddies came up to our group - 'Hey did you hear? - The shuttle blew up". "Bullshit" I responded. "No way" from others. It couldn't happen. Impossible. The stuff was routine by now. A lot of people realized that day that there's nothing routine about space flight...
That's more like it. Feed the worms to the chickens, then I'll eat the eggs and chickens. Chickens go nuts for fresh worms and insects of any kind.
One assumes you feed the worms kitchen scraps. Just a different path from pigs. Kitchen scraps -> Pigs -> pork chops (yum). Kitchen scraps -> Worms -> Chickens -> Eggs, Drumsticks.
Extra cycle of latency, but a two for one, and not just a one shot. Sounds good to me. Maybe I'll buy the box for the friend who's got chickens and regularly gives me eggs...
Oh my - there's another xterm / tcsh user out there? I'm not the only one!
My muscle memory is just to tuned into the tcsh completions to effectively switch. I know it's a poor scripting language. But then anything over simple scripts, I just drop into sed / perl.
My admins always shake there head when I ask them to please install tcsh...
As to terms, yeah xterm's good enough for me too. I like it configured with a large buffer with scrollbars on the left. I really don't depend on much else...
A car manufacturer can certainly get a competitive advantage over retailers since they own a monopoly on supply.
And how is this different, than say Apple owning a "monopoly" on the supply of iPhones? Or Caterpillar owning a "monopoly" on the supply of tractors? Or any other manufacturer for that matter? Why must cars be treated with different rules?
1. It's not a "monopoly" - there's competition. 2. It's the way a free-market works..
Not saying you're argument about the effects with respect to local revenue's not valid. But the same argument can be made for any manufacturing. Car's aren't unique in this regard in any way.
Slashdot Mirror
Typical "industrial" temperature ranges: -40C to 100C
"Automotive" range usually bumps the high end up to 125C.
Thermal isn't the OP's biggest problem here, IMHO.
I'm in agreement here. I predict that autonomous driving will lead to less automotive deaths and injuries by SEVERAL orders of magnitude over "biological driving software" as you put it. It's not if, but when.
Humans are too easy distracted, or unfit to drive (DUI, etc.), or just stuck with too many dumb, aggressive habits.
Will autonomous driving still lead to some accidents and deaths? Sure. The circumstances in which autonomous driving fails are different than when humans fail. But software will continue to be revised and outlier exceptions handled better.
It's happening quicker than I ever thought possible. In the meantime, I'll be keeping my hands on the wheel for quite a while longer...
TL;DR - Not a monopole (Sadly)
Sorry, I think the middle of the lake is a great idea. You can't fix stupid - I'd rather just have stupid railing on about the center of a lake than bothering the police with their ramblings. (Again, preferable if the lake is public accessible)
It could be a learning experience - when one googles around and sees the location of some suspicious activity as the center of a lake - it might lead one to think "hmm is this reasonable..."
My read is actually the MaxMind CEO is acting fairly reasonably in working towards a solution. His firm had no malintent and worked reasonably in trying to solve both the problems in the US, and now the one in this article.
The first pass attempt at a fix in the US - moving the geographical center of the US to the middle of a lake (which I think is a great idea, BTW) resulted in a further lawsuit from the property owners of the lake. Which was settled. I think this was all a reasonable solution by all parties.
We should encourage this sort of response by companies, not demonize them. As opposed to the often relied on solution by companies when exposed to these sorts of problems - a shoulder shrug perhaps, if the problem is even acknowledged at all.
Put away the pitchforks.
I like the analysis going on over here:https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/
As a hardware designer, it's an interesting idea to think of attack vectors through "NO STUFF" parts of the BOM. Most PCBs have "NO STUFF" parts of some sort - either for legacy or prototyping reasons.
The idea of some nefarious third party reverse engineering a "NO STUFF" and forming an attack vector with that is well, news to me. I can easily understand a thing like this slipping through a QC check
It would certainly be a difficult attack to construct. But many of todays "software" attacks are quite complicated. Certainly not outside the scope of a state-entity IMHO.
Interesting times in any event, and something to think about.
IANAL, nor do I regularly read legislature bills. But, on my read of the bill, I don't see any teeth to the bill? What are the repercussions for a company for violating this law? Other than setting a more concrete bar for possible civil cases, are there any more repercussions?
If a bill don't have teeth, what's the point?
Continuing...
dd if=/dev/urandom of=StupidDropbox/crypt.fs bs=4096 count=
mk-foo-fs -t foofs StupidDropbox/crypt.fs # Where foo is your favorite encrypted filesystem
mkdir StupidDropbox/encrypted
mount StupidDropbox/crypt.fs StupidDropbox/encrypted
Make sure your encryption keys are NOT stored anywhere near the dropbox partition. Dropbox will only sync the inner filesystem when it is unmounted.
But I've found the Dropbox sync'ing mechanism is quite clever and runs fast. (This might imply a security hole if an attacker has access to various sync deltas. But that's quite a difficult attack IMHO. Caveat emptor, I'm no security expert, blah, blah)
Upsides: Your root filesystem is whatever type you like. Your Dropbox data is encrypted. It still works when they turn off non-ext4 support.
Downsides: A little performance (not much - linux loopback devices are quite efficient). Only can access encrypted partitions from other linux-like boxes. And only can mount the encrypted partition (with write privileges) on one system at a time. (As many read -only mounts as you want)
The normal setup is encryption after partition. Meaning dropbox is operating on the unencrypted data. Sure dropbox may re-encrypt on their end (and probably in flight too). But that whole thing is encryption on their terms (Dropbox) not yours. Meaning as strong as they like it, and key-management as they like it.
All the linux encrypted volume stuff is meaningless to the files stored on the Dropbox Cloud.
That said, this decision my Dropbox is troublesome. They have a really good cross-platform product that syncs better than most of the existing solutions. I don't think this a wise decision.
A current (paid) Dropbox user, watching carefully...
Is that what this crack is - a quicker (perhaps offline) tests of the randomly guessed (128 bit) password?
If so, then nothing to see hear, move along. 128-bit passwords will be okay for a while longer, I think - even with an accelerated compare.
Make a QR-code of the SSID/ (long) password. It's a standard QR field. Print it out and have available for anyone in your house to quickly snap, and you're done.
Of course there's readily available QR software for this on the web. But then using a web QR generator requires one upload their password out in the open to a random third party. I recommended a locally run QR generator.
Someone's going to need to translate the likely length of a crack. The quote "that last step could take hours or days" isn't all that helpful.
If we have a WPA2 (max) 63 printable ASCII character random password, is the crackable time of this attack still on the order of "a couple of days"?
i.e. can casual users mitigate this attack by just increasing their WPA2 password length? To what size?
Or is this attack some sort of end-around where the size of the WPA2 ascii key doesn't matter. It's not clear to me, but then again, I'm no security expert either...
The only thing I know about OneNote is it's some bastard of an Microsoft program that keeps leaving "Open Notebook.onetoc2" turds in every directory, on every network drive.
A little googling gives me an idea of what these turds are, and some useless ideas on how to stop them. But in a corporate environment, where potentially hundreds, if not thousands of users have access to some network directories, finding the computer / process/ user that's creating these turds is impossible.
I run a find -exec command occasionally to remove them. Occasionally I replace them with 0-length files. In a spiteful mood, I've replaced them with files of random garbage (hoping to crash whatever's accessing/creating them). They just keep on coming...
Or spending $27 million a year to watch someone throw a ball down a football field... ..
Or spend $15 million a year to watch a hockey player slap a puck...
Or millions to send a rocket to space, or to the bottom of the oceans.
Or hundreds of thousands to climb a remote mountain peak...
I mean if people would only spend their money the way I think they should spend it, the world would just be so much better...
Pretty sure the article doesn't conclude "In short, leave the fungus at home". That's way too broad a generalization. (And while I'm not a microbiologist, I don't think even remotely possible).
In any event, who'd want to go to Mars without a good source of one's favorite beverage? Or bread? Beer/Wine/Bread and many other our favorite food and drinks all
depend on yeasts, which are in the fungus family.
I sort of came to the same conclusion. I learn well from lectures, but am a poor (or at least very slow) book learner. It all depends on the student and teacher.
One thing from the author's essay caught my attention: He mentioned.. the "incorrect notion of “moving stuff to the other side of the equation,”
Now, it's been a while since I took algebra. Guess I've been doing it wrong. But what's he trying to say with this quote? That quote deserved an explanation in itself.
Yes but defining any new operators only using the constants '4' is trickier. In your case, to make the concat, you broke the rules of the game using "10".
You can completely make up any "new" operator that doesn't follow the rules. And make the game pointless.
"...joining the U.S. government". That's a hoot..
Most of these bulk calls this time of year of from my local Congress-critter. Making sure I know to vote for his/her team. Politicians have a way of putting blinders on when it comes to there own bulls**t.
No, can't have those political calls blocked - them's important.
Its a very valid story, for a new generation.
Happened to my kids, and their music. "Hey let's sign up for this new Apple thing for a free 3 months - what's to lose?".
Then, all there previous music disappears... Blame siblings for doing something wrong. Yell and berate dad (me), well just because.
Backups? What backups? Everything's in the Cloud dad. They've never purchased a song on any physical media. Probably recognize the term "MP3", but it's equating "mp3" as a file, that can be copied and actually manipulated? That's grandpa talk.
It's a good lesson.
Of course he'll solve his problem another way - getting his "backups" from another source... Teenagers have no dearth of places to grab, *ahem* "free" music. They've no problem paying for it, if it's convenient, and reasonably priced. Now that that's all broken...
The two most influential inventions that affected more people (for the positive), by far, would be indoor plumbing, and vaccines. Could argue either way which one's first.
Don't know if those are "gadgets"...
I concur. VMs, embedded hardware, headless machines- I'm on them all day. And ssh -X is all that I need working for my environment. As long as that works, everything else just is seamless. I think we're not going to see a reduction in VM's. And the number/amount of embedded hardware's only growing.
Now, X certainly has ugly warts. I'm hopeful for what Wayland's offering. This network transparency patch for Wayland sounds like a great start.
--Mark
I was a sophomore in high school in central Florida. By this time enough launches had gone up that we no longer went outside to see the launches live - they were routine.
Between classes, one of my buddies came up to our group - 'Hey did you hear? - The shuttle blew up". "Bullshit" I responded. "No way" from others. It couldn't happen. Impossible. The stuff was routine by now. A lot of people realized that day that there's nothing routine about space flight...
--Mark
That's more like it. Feed the worms to the chickens, then I'll eat the eggs and chickens. Chickens go nuts for fresh worms and insects of any kind.
One assumes you feed the worms kitchen scraps. Just a different path from pigs.
Kitchen scraps -> Pigs -> pork chops (yum).
Kitchen scraps -> Worms -> Chickens -> Eggs, Drumsticks.
Extra cycle of latency, but a two for one, and not just a one shot. Sounds good to me. Maybe I'll buy the box for the friend who's got chickens and regularly gives me eggs...
Oh my - there's another xterm / tcsh user out there? I'm not the only one!
My muscle memory is just to tuned into the tcsh completions to effectively switch. I know it's a poor scripting language. But then anything over simple scripts, I just drop into sed / perl.
My admins always shake there head when I ask them to please install tcsh...
As to terms, yeah xterm's good enough for me too. I like it configured with a large buffer with scrollbars on the left. I really don't depend on much else...
And how is this different, than say Apple owning a "monopoly" on the supply of iPhones? Or Caterpillar owning a "monopoly" on the supply of tractors? Or any other manufacturer for that matter? Why must cars be treated with different rules?
1. It's not a "monopoly" - there's competition.
2. It's the way a free-market works..
Not saying you're argument about the effects with respect to local revenue's not valid. But the same argument can be made for any manufacturing. Car's aren't unique in this regard in any way.