There is, unfortunately, among certain developer communities a certain mindset that allows a thought process that seems to go something like this:
I have a new idea. This new idea will disrupt everything and is therefore good. Everything from before must go. Rinse, repeat.
I guess it makes them a living. It makes working around them hell.
It just happens that Redhat employs certain highly visible people. If you look a bit closer, you find much of this and it's underpinnings come out of freedesktop.org and in aggregate those folks are all over the place.
They paid to screw it up, now want help to fix it and won't pay for that.
It reminds of car maker that is now resorting to junk bonds to meet the manufacturing costs of the over promised car they have the world over hyped on.
A movie quote: "you're writin' checks your body can't cash"
The studio system was supported by predatory behavior towards the performers, craft workers of all kinds and the public at large.
The internet wasn't setup to "satisfy the last-mile wishes of people setting up content portals" either. It HAS become that, true. No, they don't "all rent from the same big backbone" either. You have just illustrated clearly that have no idea how telecommunications networks actually work (modern or otherwise); using instead that wonderful fallacy of "it just works".
I would suggest that you have a look into history and find out why the interstate commerce commission was created; what the exact issues were that caused it's creation.
Look too at why the studios were REQUIRED to divest of the end product delivery "portals" and a lot of the rest of the distribution chain. They were in fact required to do so. It wasn't market forces.
For bonus points, look at how the two instances were similar. The differences are stupidly easy; The similarities are harder but far more illuminating.
Well... You could, but you had to do it "retail". Visit large number of privately owned venues/theaters (often vaudeville "palaces"), selling each owner on why he should exhibit your product/act. As owners began consolidating their properties as vaudeville collapsed, buying up the chains became the next obvious move.
Textbook illustration of why market forces aren't to be trusted.
irrational consumer = source of dollars In business, ignore that equation at peril of the continued existence of your business
All, as much as some might like to think they are changing the world, until that change demonstrably does happen, beware for you are crunchy and good with ketchup... And there is NO right to not be eaten.
He took a risk and got handed his head, for now, proving the risk was bad. Good experimental evidence there. Anyone care to test for repeat-ability? Just so we can get a good statistical sample...
I did in fact read the document. It was literate, well written, misogynistic tripe, in my opinion. It certainly did not demonstrate consideration (did he think about them) of points of view other than the one he was putting forward.
Also in my opinion, the entire discussion shows how easily literacy is confused with smart, critical thought.
It's how we get these clowns in Washington (both sides)... Very literate and able to use that to sway people to react rather than respond.
At first, the studios didn't own the movie houses either. Over time, independent movies houses couldn't compete and were bought up. The studios didn't own the roads either, but the movies houses (not to mention distribution companies).
At one time, several years ago, I started "following the money" with google searches on who owned what. I started with the theater chains. I found a small handful of "amusement" companies from the midwest owned all the major theater chains, huge chunks (if not controlling interest) of production companies, studios, distribution companies and media/cable companies. All very quiet and low key. Very unlike when the studios ran the conglomerates. I guess they learned their lesson.
Maybe you should look at a bit of a distance... Not be so blindly literal.
As I said, it looks the same as in the 20s when the studios (Disney) vertically integrated the movie houses (their own distribution "channels"). Fox theaters weren't allowed to run Paramount or Universal films... Eventually the outlets were actually owned by Fox, Paramount, Universal etc.
While it's isn't Comcast or the internet in this instance, in principal, it IS the same thing.
Legislation was eventually passed disallowing this type of practice.
You may have been living in some sort of fantasy world of siloed functions.
In a large enough organization, there might be specialists in telecom, desktop hardware and server hardware, but usually IT, in general, is charged with all facets of the IT plant... Workstations, servers, networking hardware and telecom (including switching, carrier interconnect and endpoints like conference phones).
If what you want is to JUST develop software, you need to be in a different role.
I agree, an app with a crypto handshake, defeats this. Rereading the article, while not explicitly stated it does look like they're using integrated 2FA or 2FA app. Those don't even have to communicate except at initial setup time.
I read it to mean voice prompts, which just plain struck me as dumb. I'll go sit in the corner now.
More pointedly, systemD has recently been found declareing usernames that are considered valid by the system at large and by POSIX standards, to be invalid and selecting a new userid at random (on some very common systems, root) and silently running processes under that user id.
This is an EXTREMELY non-standard behavior and as such, unexpected by the user community at large. By many, it is considered a security breech. Based on the comment from Linus, I suspect he does not consider this to be sane behavior.
The systemD developer community has demonstrated reluctance to correct this observed behavior.
This isn't "change is scary". This is, the damned thing is broken and the developers went into Pewee Herman mode (I meant to do that! I won't fix it).
THAT is scary. The rude and dismissive attitude around the cult of SystemD is even more scary.
More pointedly, systemD has recently been found declareing usernames that are considered valid by the system at large and by POSIX standards, to be invalid and selecting a new userid at random (on some very common systems, root) and silently running processes under that user id.
This is an EXTREMELY non-standard behavior and as such, unexpected by the user community at large. By many, it is considered a security breech. Based on the comment from Linus, I suspect he does not consider this to be sane behavior.
The systemD developer community has demonstrated reluctance to correct this observed behavior.
The article says SS7 is being used to intercept sms messages sent to the handset i.e. redirecting them to an alternate endpoint. If that can happen, how can the voice call not also be redirected to an alternate endpont via ss7. That IS what SS7 was made for... To direct (route) traffic (voice calls, sms message and even connect tcp/ip channels between internet gateways and handsets) to and from specific points in the network.
To state it bluntly, I call bullshit to the stated premise. If sms is being intercepted via SS7 all the others are vulnerable too.
In order to locate the handset via ss7 some form of routing is used to a.) send the "message" to the cell site currently connecting the handset.
"special app" or no, ss7 IS used to locate the handset, allow it to connect to a cell site and determine if traffic is allowed to flow to and from it. Again, if SS7 is hijacked, how are those processes NOT compromised?
This is not unlike saying the plane has been hijacked to cuba, but the crew is still enroute to new york.
Slashdot Mirror
There is, unfortunately, among certain developer communities a certain mindset that allows a thought process that seems to go something like this:
I have a new idea. This new idea will disrupt everything and is therefore good. Everything from before must go. Rinse, repeat.
I guess it makes them a living. It makes working around them hell.
It just happens that Redhat employs certain highly visible people. If you look a bit closer, you find much of this and it's underpinnings come out of freedesktop.org and in aggregate those folks are all over the place.
Nor apparently is a micro sd slot. Nice otherwise. I'll give it pass
We've invented everything there is to invent!
I think "boffins" said that in the past.
They were wrong then too.
Jeez! And we think Stanford and MIT are where the smart people are?!
Or does this strike anyone else as looking particularly desperate?
No, actually just after Eisenhower had a heart attack in 1957 is when this began
and trying for good ol' Apple "mystique"
And oddly, they'll find engineers dumb enough to bite
the carrier don't like what was disabled. Now you can't use an iPhone handset to bypass the carrier using VOIP
They paid to screw it up, now want help to fix it and won't pay for that.
It reminds of car maker that is now resorting to junk bonds to meet the manufacturing costs of the over promised car they have the world over hyped on.
A movie quote: "you're writin' checks your body can't cash"
The studio system was supported by predatory behavior towards the performers, craft workers of all kinds and the public at large.
The internet wasn't setup to "satisfy the last-mile wishes of people setting up content portals" either. It HAS become that, true. No, they don't "all rent from the same big backbone" either. You have just illustrated clearly that have no idea how telecommunications networks actually work (modern or otherwise); using instead that wonderful fallacy of "it just works".
I would suggest that you have a look into history and find out why the interstate commerce commission was created; what the exact issues were that caused it's creation.
Look too at why the studios were REQUIRED to divest of the end product delivery "portals" and a lot of the rest of the distribution chain. They were in fact required to do so. It wasn't market forces.
For bonus points, look at how the two instances were similar. The differences are stupidly easy; The similarities are harder but far more illuminating.
Well... You could, but you had to do it "retail". Visit large number of privately owned venues/theaters (often vaudeville "palaces"), selling each owner on why he should exhibit your product/act. As owners began consolidating their properties as vaudeville collapsed, buying up the chains became the next obvious move.
Textbook illustration of why market forces aren't to be trusted.
irrational consumer = source of dollars
In business, ignore that equation at peril of the continued existence of your business
All, as much as some might like to think they are changing the world, until that change demonstrably does happen, beware for you are crunchy and good with ketchup... And there is NO right to not be eaten.
He took a risk and got handed his head, for now, proving the risk was bad. Good experimental evidence there. Anyone care to test for repeat-ability? Just so we can get a good statistical sample...
I did in fact read the document. It was literate, well written, misogynistic tripe, in my opinion. It certainly did not demonstrate consideration (did he think about them) of points of view other than the one he was putting forward.
Also in my opinion, the entire discussion shows how easily literacy is confused with smart, critical thought.
It's how we get these clowns in Washington (both sides)... Very literate and able to use that to sway people to react rather than respond.
I did and he is.
At first, the studios didn't own the movie houses either. Over time, independent movies houses couldn't compete and were bought up. The studios didn't own the roads either, but the movies houses (not to mention distribution companies).
At one time, several years ago, I started "following the money" with google searches on who owned what. I started with the theater chains. I found a small handful of "amusement" companies from the midwest owned all the major theater chains, huge chunks (if not controlling interest) of production companies, studios, distribution companies and media/cable companies. All very quiet and low key. Very unlike when the studios ran the conglomerates. I guess they learned their lesson.
Maybe you should look at a bit of a distance... Not be so blindly literal.
As I said, it looks the same as in the 20s when the studios (Disney) vertically integrated the movie houses (their own distribution "channels"). Fox theaters weren't allowed to run Paramount or Universal films... Eventually the outlets were actually owned by Fox, Paramount, Universal etc.
While it's isn't Comcast or the internet in this instance, in principal, it IS the same thing.
Legislation was eventually passed disallowing this type of practice.
So sad I had to spell it out SO precisely.
This all resembles when the studios vertically "integrated" the movie houses... And were eventually forced to divest.
Let's see... What all does Comcast own/control.
No, we don't need network neutrality
"chop shops" for phones really aren't a "thing" right now and the perception that a phone can be remotely "killed" makes a stolen phone less valuable.
Taken together, these will tend to reduce the number of stolen phones.
It might change with Apples new $1200.00 device, but until then...
You may have been living in some sort of fantasy world of siloed functions.
In a large enough organization, there might be specialists in telecom, desktop hardware and server hardware, but usually IT, in general, is charged with all facets of the IT plant... Workstations, servers, networking hardware and telecom (including switching, carrier interconnect and endpoints like conference phones).
If what you want is to JUST develop software, you need to be in a different role.
I agree, an app with a crypto handshake, defeats this. Rereading the article, while not explicitly stated it does look like they're using integrated 2FA or 2FA app. Those don't even have to communicate except at initial setup time.
I read it to mean voice prompts, which just plain struck me as dumb.
I'll go sit in the corner now.
Point in fact, distros DID support it, which is how the issue was discovered.
Some wrapped the command that did it, but most didn't.
The core issue isn't the bug. The core issue is the pattern of rude and dismissive responses to the bugs.
Last I heard it was marked WONT FIX
last I heard it was marked WONT FIX
I quote myself...
More pointedly, systemD has recently been found declareing usernames that are considered valid by the system at large and by POSIX standards, to be invalid and selecting a new userid at random (on some very common systems, root) and silently running processes under that user id.
This is an EXTREMELY non-standard behavior and as such, unexpected by the user community at large. By many, it is considered a security breech. Based on the comment from Linus, I suspect he does not consider this to be sane behavior.
The systemD developer community has demonstrated reluctance to correct this observed behavior.
This isn't "change is scary". This is, the damned thing is broken and the developers went into Pewee Herman mode (I meant to do that! I won't fix it).
THAT is scary. The rude and dismissive attitude around the cult of SystemD is even more scary.
More pointedly, systemD has recently been found declareing usernames that are considered valid by the system at large and by POSIX standards, to be invalid and selecting a new userid at random (on some very common systems, root) and silently running processes under that user id.
This is an EXTREMELY non-standard behavior and as such, unexpected by the user community at large. By many, it is considered a security breech. Based on the comment from Linus, I suspect he does not consider this to be sane behavior.
The systemD developer community has demonstrated reluctance to correct this observed behavior.
The article says SS7 is being used to intercept sms messages sent to the handset i.e. redirecting them to an alternate endpoint. If that can happen, how can the voice call not also be redirected to an alternate endpont via ss7. That IS what SS7 was made for... To direct (route) traffic (voice calls, sms message and even connect tcp/ip channels between internet gateways and handsets) to and from specific points in the network.
To state it bluntly, I call bullshit to the stated premise. If sms is being intercepted via SS7 all the others are vulnerable too.
In order to locate the handset via ss7 some form of routing is used to a.) send the "message" to the cell site currently connecting the handset.
"special app" or no, ss7 IS used to locate the handset, allow it to connect to a cell site and determine if traffic is allowed to flow to and from it. Again, if SS7 is hijacked, how are those processes NOT compromised?
This is not unlike saying the plane has been hijacked to cuba, but the crew is still enroute to new york.