The article only deals with power cuts. What about fiber data line cuts? We had a squirrel chew through one of our WAN links, inside a conduit. I can't imagine that could have tasted good.
This one was a possible paedophile. Since it was only one photo, it was probably something sent to him, or from a popup on some random website.
What else do they look for? Credit card numbers? Tax records? Other identity theft info? Anything embarrassing they can ransom?
The other problem is they used a tool to scan unallocated space for deleted files. That takes time. Are they charging customers for that extra time?
That's going to make it a lot harder to cover your camera. The spooks will love it.
Thank you. That's an amazing story. I thought I had read everything by Asimov, but I somehow missed that one.
Specifically, they managed to do addition, with modulus, and without any overflow detection, in multi-state ReRAM. Basically, each cell can hold an analog level, that can be read as 0 through 5. You write it by resetting it to 0, then hitting it with the right constant current for the right amount of time to set it to a particular value, for example 3. If you skip the reset part, and write a 2, the effects add, and the cell ends up with a 5. If you write too much, it wraps around. Theoretically, you could use this to add two vectors by writing one, then the other. However, any overflow would be lost. Maybe it could be useful for crypto hashes and stuff like that.
IP addresses are not people.
IP addresses are not people. That does not prevent them from using IPs to sue you. Then you have to spend lots of money for defence lawyers.
Is it possible to block tracking using PeerGuardian?
No. PeerGuardian works by blacklisting IPs of known RIAA and MPAA contractors. However, they get new IPs every day.
I have a bittorrent server for legal Linux and BSD ISOs. It's never been used for anything else. It's had that static IP for 5 years. It reports 10 of my 30 legal ISOs. It also claims I downloaded some porn video and something called "ST_170_TOOL_SO_XML_1.0.0.4.cab".
My guess is the false positives are a scare tactic to get people to buy VPN services. But it's seeded with enough real data to look slightly legitimate.
His relatives installed malware on his TV, without his permission or knowledge. He should bill them for the repair cost.
The FDA's guidelines are not enforceable. So the hospitals will care a lot more about anything in the manufacturers' EULAs that let them disclaim liability.
A lot of medical equipment, especially large scanners, is controlled by a PC. The embedded OS may be something real time, but the control PC almost always runs Windows. It does higher level functions like visualization, printing, etc. Since these devices are large capital investments, they're kept for many years. Most doctors' offices don't have the technical skills to upgrade them. Even large hospitals can't maintain the expertise on every single device. Even if they did, they don't dare, because the manufacturer will try to disclaim any liability if the software installed on the PC has been altered in any way. Most places won't even allow IT to install virus scanners.
The equipment vendors have a financial incentive not to change their platform. It requires repeating quality assurance tests for liability, and creates a moving target for their developers. They also have an incentive to forbid local changes, because it gives them an excuse to disclaim responsibility in court.
In my opinion, all of these diagnostic systems should be air-gapped from the hospital intranet. Data should be shuttled in and out of them on removable hard drives. There should be an intermediate system that virus scans them before connecting them to either side. It would be a huge pain, but far less so than the ransomware.
The FDA may not require recertification after a supposedly minor software update. However, most companies would still want to go through QA again after a software change. This is because they're worried about medical liability. That's going to take time and money. It also creates a moving target for their developers. So they have an incentive to avoid OS upgrades of any kind.
Since they're worried about liability, they will do anything they can to disclaim responsibility. Local hospital staff altering the control PC, in any way, is an excuse for the manufacturer to wiggle out of responsibility. This especially applies to large medical equipment, like CAT scanners, MRIs, etc.
The rest of your comment is about cryptographically securing smaller devices, especially implanted ones, i.e. pacemakers. I agree with everything you say, but I'm concerned the medical staff will have trouble with it. Many of the doctors and nurses I've met are near-technophobes about computers.
As if there weren't already enough reasons for users to dump Yahoo?
If the screen is the entire front of the device, will you be able to put it in a case? I would not want to pay for a phone that I couldn't protect.
"Sounds like the typical Linux WiFi experience"
I find it depends on the kind of wifi. I've never had a problem connecting from Linux to my home wifi, using WPA2-PSK. My association and IP stay constant for months. I've had no end of problems with the distributed wifi at work, using WPA2-EAP. I usually lose connectivity every time I move from one room to another. I sometimes lose my association and IP during a meeting (which orphans all of my ssh sessions). A few times I've had to rmmod and modprobe the wireless driver.
Unfortunately, that trust is already gone. Maybe the better behaviour induced by these cameras will help restore some of it.
Most consumer grade gateways are designed for less technical users. To reduce support calls, they have UPNP turned on by default. These days, they usually have an option to turn it off, probably down in an "advanced" page of the WUI. However, they very seldom have options to limit it to specific internal devices. Many of the online games require open network ports, and use UPNP to obtain them. Technical users can manually set up the port forwarding for a game console, by assigning it a fixed IP, and passing the required ports. However, the majority of users can't do that, or are too lazy. The few users who turn UPNP off often end up turning it back on to get the games to work correctly. At that point, all of the IoT devices can create their telnet backdoor UPNP exceptions too.
Another method is a downloaded trojan on a PC, that infects IoT things on the local network.
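The per-device restriction that the UPnP comment above says consumer gateways rarely offer could look like the check below. This is an added example, not code from the comment or from any gateway firmware: the `ALLOWED` policy, the host addresses and the sample requests are constructed, and only the request field names (`NewInternalClient`, `NewProtocol`, `NewExternalPort`) follow the UPnP IGD AddPortMapping action.

```python
import ipaddress

# Hypothetical policy: internal hosts that may use UPnP, and the external
# ports each may open. Everything not listed is refused.
ALLOWED = {
    "192.168.1.50": {"UDP": {3074}, "TCP": {3074}},  # game console with a fixed IP
}

def check_mapping(requester_ip, req):
    """Decide one AddPortMapping request; returns (allowed, reason)."""
    try:
        requester = ipaddress.ip_address(requester_ip)
        client = ipaddress.ip_address(req["NewInternalClient"])
        ext_port = int(req["NewExternalPort"])
    except (KeyError, ValueError):
        return False, "malformed request"
    # A host may only open ports toward itself, never toward a neighbour.
    if client != requester:
        return False, "internal client differs from requester"
    policy = ALLOWED.get(str(requester))
    if policy is None:
        return False, "host not allowed to use UPnP"
    if ext_port not in policy.get(str(req.get("NewProtocol", "")).upper(), set()):
        return False, "external port not allowed for this host"
    return True, "ok"

# Constructed requests: (address the request came from, AddPortMapping arguments)
REQUESTS = [
    ("192.168.1.50", {"NewInternalClient": "192.168.1.50", "NewProtocol": "UDP",
                      "NewExternalPort": "3074", "NewInternalPort": "3074"}),
    ("192.168.1.77", {"NewInternalClient": "192.168.1.77", "NewProtocol": "TCP",
                      "NewExternalPort": "23", "NewInternalPort": "23"}),
    ("192.168.1.50", {"NewInternalClient": "192.168.1.50", "NewProtocol": "TCP",
                      "NewExternalPort": "23", "NewInternalPort": "23"}),
    ("192.168.1.20", {"NewInternalClient": "192.168.1.77", "NewProtocol": "TCP",
                      "NewExternalPort": "8023", "NewInternalPort": "23"}),
]

def audit(requests):
    """Apply the policy to every request, keeping the decision and its reason."""
    return [(src, req.get("NewExternalPort"), *check_mapping(src, req))
            for src, req in requests]

if __name__ == "__main__":
    for src, port, ok, reason in audit(REQUESTS):
        print(f"{src:>13} ext {port:>5}: {'ALLOW' if ok else 'DENY '} ({reason})")
```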
I've heard that mentioning specific vendors and models can get a security researcher sued. These days, you need to either post the list of weak devices anonymously, or consult a lawyer about responsible disclosure.
Regrettably, this is true. Krebs said his Akamai protection got hit primarily by GRE packets straight from the botted device. Very little of the DDOS was from amplification.
Then get sued... :-(
Unfortunately, by the time the FTC or FCC got the fine through appeals, the bad device would have been on the market for 10 years. By then the sub-company created to market that device would no longer exist. It also would not eliminate the bad devices already out there.
The problem is from amplification attacks. A sends a DNS query (or something) packet to B, but forges a source address of C. B sends a much larger response to C. C blames B. B's internet fee goes up. Both B and C are victims. The correct solution is BCP38, "http://www.bcp38.info/index.php/Main_Page". Unfortunately, a lot of (IMO shady) network operators don't implement restrictions on their clients forging source IP addresses. They might be accepting payment to allow this abuse, they might be incompetent, or they might just be lazy. The excuse that it costs too much to upgrade their gear is no longer relevant. All routers have had the CPU to do that for years.
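The source-address check that BCP38 asks an access provider to apply at its customer edge, sketched as an added example (not code from the comment or from any router): a packet is forwarded only if its source belongs to a prefix assigned to the port it arrived on. The port names, prefixes, packets and byte counts are constructed, using documentation address ranges.

```python
import ipaddress

# Constructed example: prefixes the provider has assigned to each customer port.
CUSTOMER_PREFIXES = {
    "port-a": ["198.51.100.0/24"],
    "port-b": ["203.0.113.0/25", "2001:db8:b::/48"],
}
NETS = {port: [ipaddress.ip_network(p) for p in prefixes]
        for port, prefixes in CUSTOMER_PREFIXES.items()}

def ingress_permits(port, src):
    """True only if src lies inside a prefix assigned to the ingress port."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparsable source address: drop
    return any(addr.version == net.version and addr in net
               for net in NETS.get(port, []))

RESOLVER_B = "203.0.113.10"   # B in the comment: the server being abused
VICTIM_C = "192.0.2.99"       # C in the comment: the forged source
# Constructed packets: (ingress port, claimed source, destination,
#                       query bytes, bytes the reply would carry)
PACKETS = [
    ("port-a", "198.51.100.7", RESOLVER_B, 64, 3000),   # A using its real address
    ("port-a", VICTIM_C, RESOLVER_B, 64, 3000),         # A forging C's address
    ("port-a", VICTIM_C, RESOLVER_B, 64, 3000),
    ("port-b", "2001:db8:b::1", "2001:db8:ffff::53", 80, 1200),
    ("port-b", "203.0.113.200", RESOLVER_B, 64, 3000),  # outside the /25
]

def filter_edge(packets):
    """Split packets into forwarded and dropped, and total the reply bytes
    each forged source is spared because the query never reaches B."""
    forwarded, dropped, spared = [], [], {}
    for port, src, dst, _query_len, reply_len in packets:
        if ingress_permits(port, src):
            forwarded.append((port, src, dst))
        else:
            dropped.append((port, src, dst))
            spared[src] = spared.get(src, 0) + reply_len
    return forwarded, dropped, spared

if __name__ == "__main__":
    fwd, drop, spared = filter_edge(PACKETS)
    print("forwarded:", fwd)
    print("dropped:  ", drop)
    print("reply bytes never sent to forged sources:", spared)
```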
Aliexpress has the best price: 5 for $2.71 + $0.12 shipping to US. They'll take a month to arrive. :-( https://www.aliexpress.com/item/Free-shipping-5PCS-LOT-MAX7219CNG-MAX7219-DIP-24/32633578636.html.
Adafruit has one for $9.95 + ~$7 shipping, but you'll get it in 3 to 5 days.
Amazon has several offerings, but none are prime. None seem to have delivery times even close to what Adafruit can offer.
Amazon's descriptions are almost always deficient. Worse, they prevent you from improving them. I recently posted a review of an SMT transistor book. I included datasheet links for every part in the book. Amazon deleted all of the links, replacing them with [...]. Their search is also terrible, especially for electronic components. They don't have anything close to the parametric searches available on Mouser or Digi-Key.
The closest I've seen is a single port KVM over IP, like the Lantronix Spider. Unfortunately, they're about $300, and need a java browser plugin.
https://www.amazon.com/1PORT-USB-Remote-KVM-Spider/dp/B000OH5MDO
The only things I ever use Flash for anymore are Pandora radio and VMware vCenter. I've almost gotten rid of Pandora's Flash by switching to pianobar https://6xq.net/pianobar/. It handles normal playing. It won't do the more advanced things like editing a station, adding variety, etc.
I don't have a solution for vCenter. I did, at least, get freshplayerplugin to run pepperflash under Palemoon. That lets me specify an external app (vmplayer) to open console windows. Chrome insists on opening the console windows in another flash window, which won't pass ctrl-C, ctrl-P, or many other control characters. It's infuriating to try to ping something from the console, realize too late that you can't stop it, and have to reboot the vm.