This is right now, today. Almost. $90 million launches 63800 kilos into low earth orbit. That is $1410/kilo. Misty eyed space elevator proponents claim $500/kilo. Eh. Putting aside for the moment the probability that that is a wild underestimate, if space elevator launch is 35% of the cost of rocket launch then the capital cost of a space elevator will never be recovered, never. Not ever.
Don't forget that any mass you hoist up this mythical elevator needs to achieve orbital velocity, just like a rocket does. That takes energy. Where does that come from, who pays for it? Why does this fairy tale keep coming back? Now let's build a Dyson Sphere, it's equally as probable.
Some good points but going overboard with your Apple-centric view of the universe. Android USB-C tablets are already out there, Apple is the follower in this case.
OK, it's more nuanced than that. The Xorg server isn't suid, but there is an Xorg.wrap binary that is suid, which provides xstart/xinit functionality from a physical console. So not exploitable remotely, e.g., ssh, but shared public Linux machines are vulnerable. Those would be rare, but admins better move to get them updated. Debian already has fixes except for buster.
From the man page "By default Xorg.wrap will only allow executing the real X server from login sessions on a physical console."
My reading is, you are only vulnerable if you hand your computer over to a black hat complete with login details. I don't know about you, but I never do that. Likewise, hosting is not vulnerable because no physical access. School and public library computers are vulnerable. Those would be rare.
BTW, fixed in jessie, stretch and sid, but not yet in buster.
they should have avoided the terms "server" and "client" altogether because they are so strongly associated with types of hardware
Sounds like you need to broaden your horizons a bit. "Server" describes a pattern of processing data, whether hardware or software. It is well established and well understood terminology, regardless of your particular preconception.
What do you mean, accidentally typing sudo? You will be asked for a password unless you have (insecurely) set up a nonstandard passwordless sudo configuration. How would you accidentally enter your password?
So the answer: no relation between the risks. But it looks to me that standard Xorg installs are not vulnerable because they are not normally installed with suid on the X server. My Debian system is certainly not configured that way. According to the advisory the exploit is only possible if the X server (Xorg) is running suid.
Please correct me if there are any distros out there installing Xorg as suid. I doubt that there are.
This is about Apple finally backing down from its proprietary connector and going with the same connector as everybody else. But I bet they will find a way to still be incompatible, this is Apple we're talking about.
Hearing that the replacement keyboards stop working pretty much right away too. Hard to really bask in that status thing when you're swearing at your laptop because you can't type any word with "S" in it and, oops, there goes "G" dammit.
My Minis have FW800. My MBP has FW800. I have a bunch of FW400 and FW800 hard drives. With no FW on new Macs I'm going to end up with a pile of no-longer-usable external storage.
Agree, removing USB-A from a device that has the physical space for the port is pure idiocy and customer-baiting. Only the mistiest eyed of fanatic devotees will be able to explain that away.
Meanwhile, I like USB-C a whole lot more than USB-A on my phone just because it's so much easier to plug in. Never mind the huge bandwidth increase and other new capabilities. Worth. Against that I need to populate my home and vehicles with new cables. Better than a dongle that gets lost.
That's something to be proud of? Changing out the hard disk for an SSD is an easy way to convert a sluggish computer into a champ. Any idiot can do it. Maybe not you.
a phone or even an iPad is not suitable for real work. You need a computer for that.
Phones and tablets are computers, the hardware isn't the problem, it's the crappy graphical interface.
The question is: when can we connect a good screen and keyboard to a phone and use it like we use a PC now?
Since years ago? I regularly use a bluetooth keyboard with my Android phone for video chat. Bluetooth mouse works fine too, except that the UI is missing a lot of the widgets you normally want for mousing. HDMI-out dongles are readily available for Android, I use mine from time to time for photo review.
need for purchase of extra hardware if one needs fast charging for instance.
My iPhone charges from dead-flat to 100% in about 2 hours with the standard charging-nugget. It doesn't charge significantly faster using my higher-power iPad charger.
That's not fast, my Moto G6 fast-charges from empty in less than an hour with the stock charger. OP has a point.
Slashdot Mirror
I feel better now.
Let's not forget that carbon nanotubes make asbestos look like cotton candy, healthwise. In animal studies, exposure to CNTs induced sustained inflammation, fibrosis, lung cancer following long-term inhalation, and gene damage in the lung.
This is right now, today. Almost. $90 million launches 63800 kilos into low earth orbit. That is $1410/kilo. Misty eyed space elevator proponents claim $500/kilo. Eh. Putting aside for the moment the probability that that is a wild underestimate, if space elevator launch is 35% of the cost of rocket launch then the capital cost of a space elevator will never be recovered, never. Not ever.
Don't forget that any mass you hoist up this mythical elevator needs to achieve orbital velocity, just like a rocket does. That takes energy. Where does that come from, who pays for it? Why does this fairy tale keep coming back? Now let's build a Dyson Sphere, it's equally as probable.
Nuff said.
Some good points but going overboard with your Apple-centric view of the universe. Android USB-C tablets are already out there, Apple is the follower in this case.
Not what I meant. I was talking about, e.g., school lab where students can login on console. Not too many of those around, to be honest.
OK, it's more nuanced than that. The Xorg server isn't suid, but there is an Xorg.wrap binary that is suid, which provides xstart/xinit functionality from a physical console. So not exploitable remotely, e.g., ssh, but shared public Linux machines are vulnerable. Those would be rare, but admins better move to get them updated. Debian already has fixes except for buster.
From the man page "By default Xorg.wrap will only allow executing the real X server from login sessions on a physical console."
My reading is, you are only vulnerable if you hand your computer over to a black hat complete with login details. I don't know about you, but I never do that. Likewise, hosting is not vulnerable because no physical access. School and public library computers are vulnerable. Those would be rare.
BTW, fixed in jessie, stretch and sid, but not yet in buster.
they should have avoided the terms "server" and "client" altogether because they are so strongly associated with types of hardware
Sounds like you need to broaden your horizons a bit. "Server" describes a pattern of processing data, whether hardware or software. It is well established and well understood terminology, regardless of your particular preconception.
What do you mean, accidentally typing sudo? You will be asked for a password unless you have (insecurely) set up a nonstandard passwordless sudo configuration. How would you accidentally enter your password?
So the answer: no relation between the risks. But it looks to me that standard Xorg installs are not vulnerable because they are not normally installed with suid on the X server. My Debian system is certainly not configured that way. According to the advisory the exploit is only possible if the X server (Xorg) is running suid.
Please correct me if there are any distros out there installing Xorg as suid. I doubt that there are.
This is about Apple finally backing down from its proprietary connector and going with the same connector as everybody else. But I bet they will find a way to still be incompatible, this is Apple we're talking about.
ZenPad 3S 10 with USB-C. Already out for a year. Obviously, all mobile tablets and phones are going to USB-C, Apple only follows the herd.
Every time I hear "Facetime" I think "Facepalm". I'd rather call it video chat, thanks.
Oh right.
Hearing that the replacement keyboards stop working pretty much right away too. Hard to really bask in that status thing when you're swearing at your laptop because you can't type any word with "S" in it and, oops, there goes "G" dammit.
On iOS you don't need a keyboard for video chat
You don't need it on Android either, however it is often useful to type and chat at the same time. Surprised you didn't know that.
My Minis have FW800. My MBP has FW800. I have a bunch of FW400 and FW800 hard drives. With no FW on new Macs I'm going to end up with a pile of no-longer-usable external storage.
The Apple experience.
I don't get how people use up all that space anyways.
Have you installed a game lately?
Agree, removing USB-A from a device that has the physical space for the port is pure idiocy and customer-baiting. Only the mistiest eyed of fanatic devotees will be able to explain that away.
Meanwhile, I like USB-C a whole lot more than USB-A on my phone just because it's so much easier to plug in. Never mind the huge bandwidth increase and other new capabilities. Worth. Against that I need to populate my home and vehicles with new cables. Better than a dongle that gets lost.
the thing with apple is you have to "Get with the program"
You mean, go Android.
I have never, ever, ever, upgraded a computer.
That's something to be proud of? Changing out the hard disk for an SSD is an easy way to convert a sluggish computer into a champ. Any idiot can do it. Maybe not you.
the vast majority of apple users don't care about what you care about.
OP cares about a keyboard that works, and keeps working. What bubble do you live in?
Too much money for too little computer. Counts as sub-par.
a phone or even an iPad is not suitable for real work. You need a computer for that.
Phones and tablets are computers, the hardware isn't the problem, it's the crappy graphical interface.
The question is: when can we connect a good screen and keyboard to a phone and use it like we use a PC now?
Since years ago? I regularly use a bluetooth keyboard with my Android phone for video chat. Bluetooth mouse works fine too, except that the UI is missing a lot of the widgets you normally want for mousing. HDMI-out dongles are readily available for Android, I use mine from time to time for photo review.
need for purchase of extra hardware if one needs fast charging for instance.
My iPhone charges from dead-flat to 100% in about 2 hours with the standard charging-nugget. It doesn't charge significantly faster using my higher-power iPad charger.
That's not fast, my Moto G6 fast-charges from empty in less than an hour with the stock charger. OP has a point.