I'll bet the app was downloaded by 95% of the big fish. Small fish would have trickled in after the cut off date.
But maybe - just maybe - the release was planned and monitored by the dark agents. Then cut off so people wouldn't ask questions allowing Google to save face ("oh we caught it just in time").
Conspiracy? It's a conspiracy man!! just throwing it out there.:-)
Does this mean that Earth will now have a larger mass and we'll fly out of orbit? We could get the whole population to Mars by starting a national campaign to eat more twinkies and drink Coke !!!
Seems cheaper than building a rocket for "5" people and would stimulate the world economy to boot !! everyone wins!!
I don't think it matters. Apple must know that the phone can be broken into - and now have a large hint it is possible.
But I don't believe it is the gov't who needs to tell Apple this - Apple could hire the same company and ask them how they did it.
From an ethical hacking point of view - maybe the gov't does have a responsibility to report a vulnerability to the vendor if the attack is "simple" and poses a clear danger to the security of Americans. I believe it is a balancing act with two possibilities.
If for example, the attack allows financial theft from consumers (bank wires or credit card) to occur the FBI remotely - then it should be reported. This is one defined Role of the FBI - protect people. However, if the attack is esoteric that allows access to encrypted data - and also requires the phone to be dismantled into individual nuts & bolts.... ehh.. it isn't a remote attack that would affect "millions." Rather just one person at a time with a lot of work.
Those silly wind up jumping toy animals are total crap. Yet you find them for sale everywhere. People will purchase them as silly gifts and folks put them on their desks.
But it makes money. Were they the Google of the toy industry? no. Did anybody learn and have an ah-ha moment after seeing one? probably not.
My brother recently bought a Volvo that has an app - he can start the car, set the temp, find the car etc. Volvo provided 90 days free access but in order to keep using the app he needs to purchase a monthly data plan.
Can you imagine having to pay a monthly access fee for your Car Keys? Is it worth: $10, $20, $30 to you?
I don't believe your statement to be true. The local public radio (at least here) gets the majority of its money from "underwriters" (local business) and member donations. This funds both local programming and NPR subscriptions. There are other states where public radio is funded by local universities. In other regions that don't have as much money - Corp for PB helps subsidize operations so that "everyone" has access to public radio.
"More than 90% of VPR's funding comes from the local community." and "Less than 10% of VPR's funding comes from the Corporation for Public Broadcasting government"
Others have pointed out that tax deductible donations are a form of gov't funding. But even then it is estimated to be 25% - not 50% (even Fox news quotes 25%) Using the same math - Religion is costing taxpayers $71 billion / year. I don't think one can compare NPR total $166MM budget to $71 billion / year.
yeah - the idea that the FOB is always awake surprises me. I'd have thought pressing the button would wake it up for "30 seconds" and then go back to sleep. "I did not initiate this request"
More modern ones apparently don't allow replay (aside from that hacker thing - geez). I remember years ago (1998) my VW Beetle had a reprogrammable FOB - one simply placed the key in the ignition, turned it "on" and for 30 seconds any FOB near the car with both buttons held down would be allowed future entry to the car. Still couldn't start it because the key was chipped. So I stood beside my buddy who had a similar car and stole his code as a prank. While it seemed unlikely somebody would do that (possible but low probability) it sure seemed like a poor design - and in light of this amplified attack I would now measure that attack much more likely. I could have put one in a parking lot and grabbed all cars.
Need to start with Secure by Design. Cars as IoT devices - here we go!!
Why does small have to be budget? if only it had 3D touch - it'd be a modern phone - just smaller.
Maybe I need to spend more money on my clothes - do more expensive clothes come with bigger pockets?
I want it all. But as others are saying - our old iPhone5's are just fine. I'd like to upgrade just because the phone is getting slower and hangs more often.
For now the SE isn't compelling enough to upgrade. If I was looking for a new phone I'd consider it. I'll wait until October to see what the brand new phone is - I've heard rumor of water resistance. And that is a feature I really do want. If put into the "SE" size it would be a done deal (with 64GB+ of storage because --- I have music). [although I should do the math on Music match to see if more storage is cheaper than swapping on the fly]
Yes and No. For the same reason - Make phones small. By god it is supposed to be a portable phone! I see Apple Watch as a small display so we can keep our "tablets" in our (man) purse.
I want small - not fewer features. I don't want "SE" as in cheaper intro model. I want the Skinny Jeans edition packed with Mini Cooper awesomeness.
Seriously - I've delayed upgrading my (original) iPhone5 because the alternatives from Apple are huge. I'm bought into the whole Apple eco-system. Easy sharing of content and services between devices including spouse etc etc. My watch was a splurge (a gift from my wife) and does make it easier to keep my phone elsewhere - esp at home. But summer is coming and the new 6s and + don't fit in my shorts or car cupholder. Facetious you think? No I'm serious. This whole mobile stuff is supposed to be getting smaller - but instead they are following the PC trend. Bigger and bigger beige boxes until some new disruptor comes along and invents the truly awesome skinny device. Oh wait that was Apple and the Air (and iPad). Caught MS/Dell/HP off guard. So who will make the small phone and disrupt Apple?
That's next - Apple will attempt to make the man purse cool and sell matching Gucci branded bags & iWatches.
Correct - they can't tell Apple how to design the equipment. However, there is a section that demands specific features that the device must offer.
"by requiring [that equipment manufacturers]...design and modify their equipment...[to] have the necessary surveillance capabilities"
Law enforcement can't tell them How to do it, only What they must provide.
I ain't about to read the whole thing - but from the paragraphs I have read one might argue that Apple was supposed to provide this functionality in some way.
Yes - thank you. For example - did Verizon feel that the winner responded to issues in a timely fashion? Was this company somehow ahead of the others in either securing systems or repairing issues quickly?
Nobody has perfect AV/firewall software. Do some companies do a better job at doing their best? Do they fix the underlying problem or issue lots of hot-fixes?
It's a beauty contest. Next Verizon will announce that product as being the Select Vendor or it's already in use within their cloud. And - Hey! - it has also garnered awards >_
Javascript as maintainable?:-) Native code folks have a big lead on tooling that JS is slowing getting. But I also believe it comes down to language support. There are so many things about JS that I don't like that I can't believe people are building great stacks on top of it. Sure JS has plenty of happy features (like closures) - but I think it is growing old quickly. What people want to use it for is causing stress marks to appear.
Lint is still weak. People are still writing unit tests just to verify that they didn't make a typo. Granted one won't know if C++ code is algorithmically correct without a unit test. In JS you do both - No Syntax Errors + Algorithmic via unit test. C++ won't compile - so the steps are separated.
But with everything being placed in one giant "JS is the world" stack (cough - nodejs) - next comes the need for: make it run faster. Without asking: does JS need to fundamentally change? Examples: Better (native) OO support rather than overloading existing features (sorry - I still don't like "prototype"). Okay - maybe it is the verbosity of the code and lack of syntactic sugar that I miss.
Should it "compile" or stay with JIT - what about Strength Reduction optimizations etc. If JS is going to grow up and really be a big language for big jobs - it needs to change. Or is it just the little scripting language used in the browser?
Enterprise Grade means it has bells and whistles that only a CTO would love. Such as the ability to backup to legacy mag-tapes. Or runs on hardware that the software company would be willing to support. Or plugs into a single-sign-on that actually works, or SSL gateways, Citrix solutions, VDI, etc. Things that "save" money for a large company.
End of the day - enterprise just means one throat to choke.
hmmm.... interesting decomposition. I agree with most if not all your points.
I'll raise one example for thought: the Stability Program in my car . The system can bring the car to an almost stop if need be - it doesn't (directly) steer, control is limited to reduce engine RPM, gear selection, and brakes. Airbags are still the final solution.
I can press a button to disable it (must disable for launch-control). However - should conditions warrant the system will re-enable itself. Anti-lock brakes can't be disabled - only the combined ESP (engine RPM, stability program, and traction control).
Going too fast around a corner - brakes are generally applied, engine RPM cut, and brakes applied such that direction is altered. Each wheel brake can be applied individually and on slippery surfaces this alters the direction of the vehicle. It stabilizes the direction & speed of the car.
I'm not suggesting that my car is a robot - as it doesn't have any autonomous features (I still need to firmly grip the steering wheel). Thinking strictly about this one component that controls the braking system - how would you characterize this and who is responsible? It isn't a thermostat.
I've only been using R for a short time - about a year. But I'm excited by this - and MS' new foray towards true open-source.
I quickly found RStudio - simply because the basic R shell/gui was difficult to use. RStudio was nice and very helpful plus the team turned out new releases. My excitement is MS' wallet and pushing money into this - R should improve.
As for embrace & extend - R could use a bit of consolidation & simplification. There are many ways to do things and not all of them compatible. Plus the documentation is a bit...thin.
Good question. I wash all my teflon pans with a wet sponge - but stay away from scouring pads because they ruin the finish.
But they did say it retains its hydrophobia even after scratches. The mirrors on my car are waxed to keep water off - but dirt sure does build up. So I can see in the rain but not on muddy/salty days (yeah - that's a thing up North).
'course - this is just a proof-of-concept. It'll take "10 years" to bring it to market.
Yeah - I don't understand this feature. not a terrifically detailed article.
Company provides cell phone. Company tracks device.
For BYOD - it would be useful to know WHAT the company is tracking. My employer allows BYOD with the installation of an App - and other than "we reserve the right to wipe device to protect company IP" - not much more is said regarding what the app does.
In the office they've installed a super SSL certificate that offers an "obsolete cipher suite" - so that they can view all content that originates in the office. Fair enough. But will they also do this for BYOD?
Right on! Websites are allowed to use an advertising model - and this "package" is then offered to us the reader. Who must implicitly consume both or none (conceptually). Just like print media. This is the handshake - you agree to view ads and the content is provided for free. Companies used to "bring you" TV shows way-back-when.
But - as I've said before, some ads Own the content - take over the site. Many sites now have ads that take over the site temporarily via a full-screen pop-up (these are the new pop-unders). I have difficulty pressing the X on my mobile device - usually needing to wait for the long list of crap HTML/CSS/JS/XHTML/JPG/etc to load before the page becomes responsive again.
I'm not blocking ads in order to cut the revenue - I'm blocking ads because the hand-shake between consumers and producers is broken. I find it hard to believe that the content providers really desired this low-quality interaction with the content. I'll watch the ad - but if the damn page keeps scrolling, gets covered with a gray box without an X, or text keeps reformatting that I can't read the content --- I'll go elsewhere or **provide my own fix**
Hopefully this will get hashed out in the conference.
"...puts Apple on the side of terrorists instead of on the side of public safety" says the lawyer who one would think wants to keep his business private.
How long ago was it that lawyers were outraged by the TSA's policy to "search" laptops at the border? They adopted a clean hard-drive policy and the lawyers would download content via "the cloud" after arriving at their destination.
But this lawyer wants his phone to be searchable. Interesting indeed. Please define Public Safety.
My concern is around unlocking data for "1%" such that the other 99% of us are open to (a more likely) cyber attack or gov't intrusion. We need to find a happy medium on this topic.
This is pretty cool. The more we let technology automate the more mistakes can happen that we don't catch. Thankfully a bunch of people were there and figured out something was obviously wrong. The ball was released either Before or At the buzzer - all those present know that. But for the refs to have seen 1.3 seconds when there wasn't that much time on the buzzer should have thrown an internal "does not compute." The player would have had to release the ball "far" after the buzzer.
Checks and Double checks. Man vs Machine. It used to be nice when MLB allowed John Henry to officiate and leaving the fun of human mistakes in the game. But in the NFL where mm count - it is up to the booth. When the machine makes a mistake - humans wind up in the ditch.
To answer your question: hold back progress to protect people? You need to make it safe by design. Protect people first.
But I also have to ask: Is building something foreign simply defined as progress? I drove a Chrysler/Dodge that had this same stick in it - what a PITA. Plus I also began to wonder "gee - how many people fail to put it in Park or are in N rather than a desired gear" It is not an intuitive design - You Have To Look. You press the stick - and then wait. and then press it again and again. Works fine for a range (e.g.Volume) control. But frustrating when position is critical. Manual shift and current Auto are position based - so people don't need to Look, just muscle memory.
As a designer - during your FMEA, you need to ask questions around Safety. Think of the ways in which user-confusion could lead to "failure."
And nobody reads the manual. No seriously. In my line of work we call this Labeling (all those warning labels you see on devices like "hot" "warning" etc). Labeling is never a mitigator for safety. Assume nobody reads it. The device must protect the consumer By Design. Even possible/obvious misuse (if you can anticipate it - design for it).
Slashdot Mirror
Is there an online submission form?
I'll bet the app was downloaded by 95% of the big fish. Small fish would have trickled in after the cut off date.
But maybe - just maybe - the release was planned and monitored by the dark agents. Then cut off so people wouldn't ask questions allowing Google to save face ("oh we caught it just in time").
Conspiracy? It's a conspiracy man!! just throwing it out there. :-)
Does this mean that Earth will now have a larger mass and we'll fly out of orbit? We could get the whole population to Mars by starting a national campaign to eat more twinkies and drink Coke !!!
Seems cheaper than building a rocket for "5" people and would stimulate the world economy to boot !! everyone wins!!
I don't think it matters. Apple must know that the phone can be broken into - and now have a large hint it is possible.
But I don't believe it is the gov't who needs to tell Apple this - Apple could hire the same company and ask them how they did it.
From an ethical hacking point of view - maybe the gov't does have a responsibility to report a vulnerability to the vendor if the attack is "simple" and poses a clear danger to the security of Americans. I believe it is a balancing act with two possibilities.
If for example, the attack allows financial theft from consumers (bank wires or credit card) to occur the FBI remotely - then it should be reported. This is one defined Role of the FBI - protect people. However, if the attack is esoteric that allows access to encrypted data - and also requires the phone to be dismantled into individual nuts & bolts.... ehh.. it isn't a remote attack that would affect "millions." Rather just one person at a time with a lot of work.
Those silly wind up jumping toy animals are total crap. Yet you find them for sale everywhere. People will purchase them as silly gifts and folks put them on their desks.
But it makes money. Were they the Google of the toy industry? no. Did anybody learn and have an ah-ha moment after seeing one? probably not.
Bobble heads too.
My brother recently bought a Volvo that has an app - he can start the car, set the temp, find the car etc. Volvo provided 90 days free access but in order to keep using the app he needs to purchase a monthly data plan.
Can you imagine having to pay a monthly access fee for your Car Keys? Is it worth: $10, $20, $30 to you?
I don't believe your statement to be true. The local public radio (at least here) gets the majority of its money from "underwriters" (local business) and member donations. This funds both local programming and NPR subscriptions. There are other states where public radio is funded by local universities. In other regions that don't have as much money - Corp for PB helps subsidize operations so that "everyone" has access to public radio.
"More than 90% of VPR's funding comes from the local community." and "Less than 10% of VPR's funding comes from the Corporation for Public Broadcasting government"
Others have pointed out that tax deductible donations are a form of gov't funding. But even then it is estimated to be 25% - not 50% (even Fox news quotes 25%) Using the same math - Religion is costing taxpayers $71 billion / year. I don't think one can compare NPR total $166MM budget to $71 billion / year.
http://digital.vpr.net/support...
http://www.americanthinker.com...
https://www.washingtonpost.com...
real programmers swipe code from SO and compile it without attribution - saying "I wrote all of this"
yeah - the idea that the FOB is always awake surprises me. I'd have thought pressing the button would wake it up for "30 seconds" and then go back to sleep. "I did not initiate this request"
More modern ones apparently don't allow replay (aside from that hacker thing - geez). I remember years ago (1998) my VW Beetle had a reprogrammable FOB - one simply placed the key in the ignition, turned it "on" and for 30 seconds any FOB near the car with both buttons held down would be allowed future entry to the car. Still couldn't start it because the key was chipped. So I stood beside my buddy who had a similar car and stole his code as a prank. While it seemed unlikely somebody would do that (possible but low probability) it sure seemed like a poor design - and in light of this amplified attack I would now measure that attack much more likely. I could have put one in a parking lot and grabbed all cars.
Need to start with Secure by Design. Cars as IoT devices - here we go!!
Why does small have to be budget? if only it had 3D touch - it'd be a modern phone - just smaller.
Maybe I need to spend more money on my clothes - do more expensive clothes come with bigger pockets?
I want it all. But as others are saying - our old iPhone5's are just fine. I'd like to upgrade just because the phone is getting slower and hangs more often.
For now the SE isn't compelling enough to upgrade. If I was looking for a new phone I'd consider it. I'll wait until October to see what the brand new phone is - I've heard rumor of water resistance. And that is a feature I really do want. If put into the "SE" size it would be a done deal (with 64GB+ of storage because --- I have music). [although I should do the math on Music match to see if more storage is cheaper than swapping on the fly]
Sure - it was one of the OP links...
"Communications Assistance for Law Enforcement Act (CALEA)" https://www.fcc.gov/public-saf...
Yes and No. For the same reason - Make phones small. By god it is supposed to be a portable phone! I see Apple Watch as a small display so we can keep our "tablets" in our (man) purse.
I want small - not fewer features. I don't want "SE" as in cheaper intro model. I want the Skinny Jeans edition packed with Mini Cooper awesomeness.
Seriously - I've delayed upgrading my (original) iPhone5 because the alternatives from Apple are huge. I'm bought into the whole Apple eco-system. Easy sharing of content and services between devices including spouse etc etc. My watch was a splurge (a gift from my wife) and does make it easier to keep my phone elsewhere - esp at home. But summer is coming and the new 6s and + don't fit in my shorts or car cupholder. Facetious you think? No I'm serious. This whole mobile stuff is supposed to be getting smaller - but instead they are following the PC trend. Bigger and bigger beige boxes until some new disruptor comes along and invents the truly awesome skinny device. Oh wait that was Apple and the Air (and iPad). Caught MS/Dell/HP off guard. So who will make the small phone and disrupt Apple?
That's next - Apple will attempt to make the man purse cool and sell matching Gucci branded bags & iWatches.
Correct - they can't tell Apple how to design the equipment. However, there is a section that demands specific features that the device must offer.
"by requiring [that equipment manufacturers]...design and modify their equipment...[to] have the necessary surveillance capabilities"
Law enforcement can't tell them How to do it, only What they must provide.
I ain't about to read the whole thing - but from the paragraphs I have read one might argue that Apple was supposed to provide this functionality in some way.
Yes - thank you. For example - did Verizon feel that the winner responded to issues in a timely fashion? Was this company somehow ahead of the others in either securing systems or repairing issues quickly?
Nobody has perfect AV/firewall software. Do some companies do a better job at doing their best? Do they fix the underlying problem or issue lots of hot-fixes?
It's a beauty contest. Next Verizon will announce that product as being the Select Vendor or it's already in use within their cloud. And - Hey! - it has also garnered awards >_
Javascript as maintainable? :-) Native code folks have a big lead on tooling that JS is slowing getting. But I also believe it comes down to language support. There are so many things about JS that I don't like that I can't believe people are building great stacks on top of it. Sure JS has plenty of happy features (like closures) - but I think it is growing old quickly. What people want to use it for is causing stress marks to appear.
Lint is still weak. People are still writing unit tests just to verify that they didn't make a typo. Granted one won't know if C++ code is algorithmically correct without a unit test. In JS you do both - No Syntax Errors + Algorithmic via unit test. C++ won't compile - so the steps are separated.
But with everything being placed in one giant "JS is the world" stack (cough - nodejs) - next comes the need for: make it run faster. Without asking: does JS need to fundamentally change? Examples: Better (native) OO support rather than overloading existing features (sorry - I still don't like "prototype"). Okay - maybe it is the verbosity of the code and lack of syntactic sugar that I miss.
Should it "compile" or stay with JIT - what about Strength Reduction optimizations etc. If JS is going to grow up and really be a big language for big jobs - it needs to change. Or is it just the little scripting language used in the browser?
Enterprise Grade means it has bells and whistles that only a CTO would love. Such as the ability to backup to legacy mag-tapes. Or runs on hardware that the software company would be willing to support. Or plugs into a single-sign-on that actually works, or SSL gateways, Citrix solutions, VDI, etc. Things that "save" money for a large company.
End of the day - enterprise just means one throat to choke.
Good thing there wasn't a common security key like the FBI wants !!! :-P
hmmm.... interesting decomposition. I agree with most if not all your points.
I'll raise one example for thought: the Stability Program in my car . The system can bring the car to an almost stop if need be - it doesn't (directly) steer, control is limited to reduce engine RPM, gear selection, and brakes. Airbags are still the final solution.
I can press a button to disable it (must disable for launch-control). However - should conditions warrant the system will re-enable itself. Anti-lock brakes can't be disabled - only the combined ESP (engine RPM, stability program, and traction control).
Going too fast around a corner - brakes are generally applied, engine RPM cut, and brakes applied such that direction is altered. Each wheel brake can be applied individually and on slippery surfaces this alters the direction of the vehicle. It stabilizes the direction & speed of the car.
I'm not suggesting that my car is a robot - as it doesn't have any autonomous features (I still need to firmly grip the steering wheel). Thinking strictly about this one component that controls the braking system - how would you characterize this and who is responsible? It isn't a thermostat.
I've only been using R for a short time - about a year. But I'm excited by this - and MS' new foray towards true open-source.
I quickly found RStudio - simply because the basic R shell/gui was difficult to use. RStudio was nice and very helpful plus the team turned out new releases. My excitement is MS' wallet and pushing money into this - R should improve.
As for embrace & extend - R could use a bit of consolidation & simplification. There are many ways to do things and not all of them compatible. Plus the documentation is a bit...thin.
So I believe this will be good. Yay!
Good question. I wash all my teflon pans with a wet sponge - but stay away from scouring pads because they ruin the finish.
But they did say it retains its hydrophobia even after scratches. The mirrors on my car are waxed to keep water off - but dirt sure does build up. So I can see in the rain but not on muddy/salty days (yeah - that's a thing up North).
'course - this is just a proof-of-concept. It'll take "10 years" to bring it to market.
Yeah - I don't understand this feature. not a terrifically detailed article.
Company provides cell phone. Company tracks device.
For BYOD - it would be useful to know WHAT the company is tracking. My employer allows BYOD with the installation of an App - and other than "we reserve the right to wipe device to protect company IP" - not much more is said regarding what the app does.
In the office they've installed a super SSL certificate that offers an "obsolete cipher suite" - so that they can view all content that originates in the office. Fair enough. But will they also do this for BYOD?
Right on! Websites are allowed to use an advertising model - and this "package" is then offered to us the reader. Who must implicitly consume both or none (conceptually). Just like print media. This is the handshake - you agree to view ads and the content is provided for free. Companies used to "bring you" TV shows way-back-when.
But - as I've said before, some ads Own the content - take over the site. Many sites now have ads that take over the site temporarily via a full-screen pop-up (these are the new pop-unders). I have difficulty pressing the X on my mobile device - usually needing to wait for the long list of crap HTML/CSS/JS/XHTML/JPG/etc to load before the page becomes responsive again.
I'm not blocking ads in order to cut the revenue - I'm blocking ads because the hand-shake between consumers and producers is broken. I find it hard to believe that the content providers really desired this low-quality interaction with the content. I'll watch the ad - but if the damn page keeps scrolling, gets covered with a gray box without an X, or text keeps reformatting that I can't read the content --- I'll go elsewhere or **provide my own fix**
Hopefully this will get hashed out in the conference.
"...puts Apple on the side of terrorists instead of on the side of public safety" says the lawyer who one would think wants to keep his business private.
How long ago was it that lawyers were outraged by the TSA's policy to "search" laptops at the border? They adopted a clean hard-drive policy and the lawyers would download content via "the cloud" after arriving at their destination.
But this lawyer wants his phone to be searchable. Interesting indeed. Please define Public Safety.
My concern is around unlocking data for "1%" such that the other 99% of us are open to (a more likely) cyber attack or gov't intrusion. We need to find a happy medium on this topic.
This is pretty cool. The more we let technology automate the more mistakes can happen that we don't catch. Thankfully a bunch of people were there and figured out something was obviously wrong. The ball was released either Before or At the buzzer - all those present know that. But for the refs to have seen 1.3 seconds when there wasn't that much time on the buzzer should have thrown an internal "does not compute." The player would have had to release the ball "far" after the buzzer.
Checks and Double checks. Man vs Machine. It used to be nice when MLB allowed John Henry to officiate and leaving the fun of human mistakes in the game. But in the NFL where mm count - it is up to the booth. When the machine makes a mistake - humans wind up in the ditch.
To answer your question: hold back progress to protect people? You need to make it safe by design. Protect people first.
But I also have to ask: Is building something foreign simply defined as progress? I drove a Chrysler/Dodge that had this same stick in it - what a PITA. Plus I also began to wonder "gee - how many people fail to put it in Park or are in N rather than a desired gear" It is not an intuitive design - You Have To Look. You press the stick - and then wait. and then press it again and again. Works fine for a range (e.g.Volume) control. But frustrating when position is critical. Manual shift and current Auto are position based - so people don't need to Look, just muscle memory.
As a designer - during your FMEA, you need to ask questions around Safety. Think of the ways in which user-confusion could lead to "failure."
And nobody reads the manual. No seriously. In my line of work we call this Labeling (all those warning labels you see on devices like "hot" "warning" etc). Labeling is never a mitigator for safety. Assume nobody reads it. The device must protect the consumer By Design. Even possible/obvious misuse (if you can anticipate it - design for it).