What's the figure for the top 1% of people in Beverly Hills? How rich do you have to be to be in the top 1% of people who live on 5th Avenue? Does it matter?
You're in the top 1% of -people-.
As soon as you start saying "but but but I'm not in the top 1% of Vermont residents" you're playing a sad game of no true (rich) Scotsman in a vain attempt to pretend you're not doing better than the vast majority of people. You are richer than 99% of PEOPLE. So you're rich. Get over it.
You chose to move to a new place, although it was more expensive. Apparently the new place is -better-, or you would have stayed in the old place. In other words, you bought the advantages of living in the better place, and better stuff costs more. If you can afford to live in a nicer place, that's a sign that you ARE richer.
You observed that housing etc in some (better) places costs more, and used that to suggest that people who get to choose nicer places to live aren't doing better than those who can't afford to move to a nicer place. Let's try your same argument with transportation:
I assert "Mark Cuban is richer than most high-school students". Your reply: "No, Mark's cost of transportation (private jet) is higher than the student's cost of transportation (bus). Therefore mark Cuban isn't actually much richer."
How about this one, which again is essentially the same as what you said: Barak Obama's cost of entertainment (private concerts) is higher than mine, therefore he's not actually richer.
Yes, it costs more to live i Beverly Hills than it does to live in Sarajevo, but that cost represents the fact that it's BETTER to live in Beverly Hills than to live in Sarajevo. Paying Beverly Hills rent doesn't make you poor, it demonstrates that you're wealthy enough to buy in a nice neighborhood, and thereby buy the advantages of a nicer area.
On the other hand, the cost to live -under-a-bridge- eating out of dumpsters in Beverly Hills is about the same as the cost to live under a bridge anywhere else. Poor, poor you, you "have" to get a nice apartment, while other people get to spend less by living in slums overrun by gangs. Except you don't have to. You could go live int he slum, and keep your money in your wallet instead. Then, with huge amounts of cash in your wallet it would be obvious - even to you - that you're rich.
I could give you the number for people in the United States and you'd exclude yourself because you're not the top 1% of Orange County. If you are richer than 99% of people, then yeah, you're rich. Deal with it. Somebody else is even richer? Cry me a river.
Specifically, 99% of people live on less than $22,000 per year. So if your incom is higher than $22,000, you are the 1%. Whatever you say of "the 1%" you are saying of yourself.
Yeah, it's the same idea. Microphone inputs are much more sensitive than speakers, so it happens a lot if you use a long mic cable but don't use the correct type, or if a connection is broken in the mic cable.
Am radio is basically the audio signal added to the radio signal. An antenna is a wire, and a wire is an antenna. So if you have a wire hooked up to a sound input which somehow does process the radio signal (such as by not being fast enough to do so), you can easily end up with just the AM audio coming through the wire/antenna to the audio input.
Which standards does links violate? As far as I know, ignoring tags (including script tags) is perfectly compliant with all standards.
It leaves out some features, of course. There are some things it does not do, but that's fundamentally different than doing it WRONG, as IE and Edge do.
Taximeters are tested for certification. The official takes it on a measured course and checks that it gives the correct mileage. Typically, it's allowed to be around 4% under or 2% over, something like that so to be safe you try to make it 1% under, which gives you 3% margin of error either way.
I was involved in designing and implementing an app called Cross Cabbie. We're more accurate than the traditional meters.
Actually the city councilman I mentioned, who is my stepdaughters' half-brother, grew up one block from crackville. His stepmom was a streetwalker for a while. So not exactly rich and entitled. Your neighborhood has a state representative too. That's a representative to your STATE legislature, not Congress. It might be interesting to look up who your state rep and city council reps are - they're your neighbors, quite unlike the US Senate.
If you think you know everyone who your pastor, your dad, AND your teacher talk to, and you're not in a very small town, you might want to talk to your teacher - because you need to review multiplication. The odds that you know all 8,000 people that any of them do is pretty slim.
You think they can make mandatory regulations about APs without defining what they mean by AP? Of course they have to define which types of devices fall under which rules.
I speak as though this is largely a done deal for two reasons. First, the basic change officially went into effect June 2015 - the official time for comment is actually over and the rules are technically in effect. Secondly, the commission has indicated they aren't too open to different approaches- they pretty much plan to implement the rest of the proposal as-is. Hopefully that will change.
Coke, Charmin, Tide and other major national brands spend billions on TV advertising, putting their logos on race cars, blimps, and all sorts of non-clickable ads.
Notice I listed major national BRANDS, not major national PRODUCTS. It's all about branding. When you're ready to buy a router, you look and probably see options in three categories: Top brands, Cisco and Juniper. Brands you've never heard of, like Raytel. Brands you recognize but don't know much about.
Most people will prefer to avoid brands they've never heard of. Just having seen the name before increases our confidence in the product. Any ad gets them out of the lowest category, "never heard of that brand". It's also a required stepping stone before a brand can make it to "top brand" status like Cisco or BMW.
I'm on my (small) phone right now, so I'm not going to look up links right now.
I don't think the FCC sees beacon frames as a big deal in and of themselves. Rather, they've decided to put strict controls on APs. That requires defining what an AP is. Beaconing is a defining characteristic of APs and that's the one that happened to choose for their regulatory definition. As I mentioned, they are aware that pulls in some devices normally considered clients, such as cell phones and simple dumb dongles, but they have to have SOME definition, and they chose beacon frames as their definition.
U-NII is the 5Ghz band, used by 802.11a and 802.11. Your rPi will probably need to use an old WiFi dongle because for new sales, anything that is capable of sending beacon frames is classified by the FCC as an AP and must comply. The FCC has issued special guidance clarifying that items previously treated as client devices are now APs if they can beacon.
You'd think that if the FCC tried something so ham-fisted it would be news, it would be all over the tech sites. IT IS. The instruction to manufacturers is only two pages. You can read it as quickly as you can ponder about what it might say and discuss your guess.
You've clearly thought about what would be reasonable for the FCC to do, given their mandate. You then assumed that they've done what would be reasonable. Here are the -actual- requirements which manufacturers must now include in their application for FCC approval. (Link to FCC application requirements document below). This one makes it pretty clear, doesn't it?:
2. What prevents third parties from loading non-US versions of the software/firmware on the device? Describe in detail how the device is protected from âoeflashingâ and the installation of third-party firmware such as DD-WRT
You said " would be extremely surprised if any language in the proposal itself could be interpreted as... OpenWRT ". Well I guess you're surprised, because bam, they said it has to be protected from the installation of third-party firmware such an *WRT. Yeah, that's surprisingly unreasonable, which is why knowledgeable people are taking issue with it so much.
Here are a few more things that the FCC requires:
3. Describe in detail the authentication protocols that are in place to ensure that the source of the software/firmware is legitimate. Describe in detail how the software is protected against modification. 4. Describe in detail the verification protocols in place to ensure that installed software/firmware is legitimate. 5. Describe in detail any encryption methods used to support the use of legitimate software/firmware.
What you suggested, the -radio- settings being limited outside of the main OS on the device, is what I and other professionals are asking the FCC to do -instead-.
Your discussion of a general-purpose computer which happens to have an FCC-approved WiFi dongle (or mini-PCI card) attached shows how silly the FCC rule is, given that many routers in fact use FCC approved mini-PCI cards internally. Specifically, some Linksys models I've opened up have a standard mini-PCI card inside and it is (or possibly, was*) legal to sell the card without the plastic case and other bits that make up the Linksys router. Consumers could put that card onto any board, running any OS. But it's suddenly not legal to sell the same card preinstalled. That may sound too ridiculous to be true. Which is why we're trying to make it cease to be true.
* It's quite possibly illegal to sell the mini-PCI cards now because they are capable of generating beacon frames. The new rules say that anything which -can- generate a beacon frame is an AP. Which includes your Android phone that allows WiFi tethering. That's an AP now, and must have a locked bootloader. Yeah, that's beyond what the FCC should be doing to control radio power. It's a silly, ham-fisted approach. That's why we're writing the letters.
The summary says it's eMMC. MMC is basically SD cards. eMMC is embedded MMC - basically an SD card built-in.
Right now on Newegg you can get a pair of 128GB cards (256GB) for $69. http://www.newegg.com/Product/... So $280 per TB is current best pricing for MMC in Newegg.
Compare an actual SSD. Low-end best price at Newegg is $343 for a TB ($300 for 960GB), with better quality SSDs costing over $1,000.
Neither is TERRIBLY expensive for 8TB, if you really need 8TB of flash, but 8 1TB true SSDs would cost about the same as 8TB of MMC.
Have you read -about- the proposal and not read the proposal itself? The proposal specifically calls on manufacturers to prevent the use of OpenWRT, by name. OpenWRT is an operating system, not radio firmware.
The firmware in routers is very often Linux. Since Linux is open source, you can download the firmware for many routers and see for yourself. the firewall on the router is the same iptables firewall that runs on my desktop and my laptop. See OpenWRT and the *WRT distributions which are variants of the Linksys firmware for more.
Many of the manufacturers selling routers sold in big-box stores, such as Linksys, have wanted to save a couple of dollars by having a couple MB less memory, they've transitioned to another Unix-like OS that's tailored to lower memory devices, but it's still very much like the Linux they were using.
Below is the text of another comment a career security professional (myself) submitted to the FCC on this issue. Specifically, this is regarding the FCC's proposal to essentially outlaw open routers, by requiring that the firmware be boot-locked.
Based on 18 years of professional experience in network security, in both the private sector and government, the proposed rule causes significant concern for information security posture. There are three primary reasons. The legitimate goals of the FCC could be achieved in an alternate manner which does not cause the same widespread security vulnerabilities, by instead requiring that output power levels and any other critical parameters be limited to legal levels by a separate chip. This approach would be far superior to effectively banning proper security practice for the ENTIRE operating system and all utilities on the device, as the current proposal does.
1
The proposed rule which requires that manufacturers disallow firmware updates (other than signed manufacturer updates, typically provided for only a very short time), makes it much more difficult to prevent incidents such as the $45 million loss at TJX and the Target breach. In both cases, the victim companies were initially targeted because insecure wifi devices were in use. To reduce future occurrences of such breaches, it is imperative to be able to update devices which use wireless networking. Especially when a vulnerability such as Shellshock is discovered, it is imperative that risks be mitigated immediately.
Updates provided by the manufacturer may at first seem to be a possible solution, but are not actually a viable solution for two reasons. Manufacturers generally do not provide long-term updates, updates for devices more than about one-two years old. In many cases, no updates are offered at all to handle issues after the date of sale. It is not reasonable to anticipate that organizations and families will replace their network gear every year or two - firmware updates are needed, including for devices which are a few years old. Perhaps ESPECIALLY for devices which are a few years old.
Secondly, updates from the manufacturer are not a viable solution for more sensitive government and private organizations due to the response time required. In the first 24 hours after the release of Shellshock, thousands of systems were compromised. For many networks, it is critically important to mitigate the threat during this initial time frame. Manufacturer full updates were not available for several days to several months, as we first discussed the best long term solution and that solution propagated downstream from the authors, to the subsystem maintainers, distribution maintainers, OEM repackagers, and finally out to customers after testing at each level. In the meantime, temporary MITIGATIONS were performed on-site by network engineers and security contractors. These vital mitigations which protected sensitive networks in the interim would be illegal and prevented by manufacturer locks under the proposed rule. In simple terms, the proposal makes it illegal to manufacturer equipment which can be _quickly_ protected against new threats to our cyber security.
2
Another reason that the proposed rule is problematic is that the manufacturer default firmware, with all available features designed to be as easily accessible as possible, is not appropriate for any environment in which security is a concern. A central tenet of information security, and security in general, is that the attack surface should be as small as possible - services not needed for a particular installation should not be installed and enabled. The only software which definitely cannot be exploited is software which is not installed or not enabled. Therefore, the most secure firmware tends to be that with as many features _removed_ as possible, with only those items required for the current role installe
I'm curious what the development process is, especially for the software. It seems to me it would be very bad to have a bug show up while you're trying to image Pluto. It has to be reliable and bug-free, to the greatest extent possible. What techniques and processes are used to have a high degree of confidence that the code they are developing is absolutely correct? Are some of those processes applicable to other types of software development, in which finding and fixing bugs is expensive, though not nearly as expensive?
What he said is that Clinton's bungle had the -effect- of hurting her campaign. She didn't fuck it up -in order- to damage her campaign. And the Obama State Department has said very clearly many times that she fucked up. It was a political gaffe to "take credit" for exposing her incompetence or disinterest in doing her job.
Btw since some people take that joke seriously, here's what actually happened :
NASA spent dozens of dollars buying pens built to write upside down. After selling a handful of "upside down" pens to NASA, the company started marketing it as the "Space Pen".
Initially, the Russians had a problem with cosmonauts inhaling graphite dust as they wrote, until they too spent $20 on pens.
On the other hand, the AVERAGE time between when the federal government orders a PC until it's booted is 4 1/2 years. So they order (and pay for) new computers, which are mostly deprecated by the time they power on for the first time. These bureaucratic delays create an opportunity for suppliers. They get a contract at market price for current-gen computer specs, then years later deliver outdated and therefore cheaper equipment.
With the exception of Atlantic states and California, the rest of the country wants *more* independence from Washington ; at least they vote for it. They want something more like the federal system that the founders envisioned and codified in the Constitution with the enumerated powers. For example, they don't want Obama deciding what their kids eat for lunch.
The Constitution lists a dozen things that the national government is allowed to do and specifies that everything not listed is the domain of the states or the individuals. It seems the majority want it to be more like that - evidenced by the fact that they vote for representatives who campaign on that principle. I tend to agree - Texas isn't exactly like Washington DC or Maryland. We want to do some things differently than they do them in Maryland. Heck, the abundance of space, of available real estate, makes a big difference several times per day.
That's an interesting question. I only know PART of the answer. Two parts, to be precise.
First, there ARE procedures in place, and documents containing classified information are supposed to remain on the secure network, not be transferred to an insecure network (except in a defined way). It's supposed to be inconvenient (not "easy") to accidentally export top secret information. Employees who violate these policies can be fired or even jailed. Mrs. Clinton appears to have largely ignored these systems. When she RECIEVES classified information over an insecure channel, it's easy to forward that information through the same insecure channel.
Another point is that sensitive -information- is to be secured, not the paper it's printed on. Even if Clinton had used a separate secure channel to receive top secret information, only self-discipline can prevent her from blabbing about it at a cocktail party, or typing it up in an email. No -technical- means can stop her from saying things she knows (or suspects). It's the information that's classified, not the spund wave of the call she heard it on. Mrs. Clinton has gone to great lengths to confuse this issue.
That's an interesting thought. Parts of Europe did have a different model at that time. On the other hand, the UK was unified a hundred years before the Constitution. In other parts of the world, outside of Europe, nation states such as Egypt and Japan -FAR- existed for thousands of years.
I'm curious too how exactly that applies. It seems to me that the culture of Louisiana is quite different from Vermont, which is again quite different from Montana or Georgia. Do you think that the Creole people, the Cajuns, and others should have more of their own state, to be more along the lines of the nation state model?
What's the figure for the top 1% of people in Beverly Hills? How rich do you have to be to be in the top 1% of people who live on 5th Avenue? Does it matter?
You're in the top 1% of -people-.
As soon as you start saying "but but but I'm not in the top 1% of Vermont residents" you're playing a sad game of no true (rich) Scotsman in a vain attempt to pretend you're not doing better than the vast majority of people. You are richer than 99% of PEOPLE. So you're rich. Get over it.
You chose to move to a new place, although it was more expensive. Apparently the new place is -better-, or you would have stayed in the old place. In other words, you bought the advantages of living in the better place, and better stuff costs more. If you can afford to live in a nicer place, that's a sign that you ARE richer.
You observed that housing etc in some (better) places costs more, and used that to suggest that people who get to choose nicer places to live aren't doing better than those who can't afford to move to a nicer place. Let's try your same argument with transportation:
I assert "Mark Cuban is richer than most high-school students".
Your reply: "No, Mark's cost of transportation (private jet) is higher than the student's cost of transportation (bus). Therefore mark Cuban isn't actually much richer."
How about this one, which again is essentially the same as what you said:
Barak Obama's cost of entertainment (private concerts) is higher than mine, therefore he's not actually richer.
Yes, it costs more to live i Beverly Hills than it does to live in Sarajevo, but that cost represents the fact that it's BETTER to live in Beverly Hills than to live in Sarajevo. Paying Beverly Hills rent doesn't make you poor, it demonstrates that you're wealthy enough to buy in a nice neighborhood, and thereby buy the advantages of a nicer area.
On the other hand, the cost to live -under-a-bridge- eating out of dumpsters in Beverly Hills is about the same as the cost to live under a bridge anywhere else. Poor, poor you, you "have" to get a nice apartment, while other people get to spend less by living in slums overrun by gangs. Except you don't have to. You could go live int he slum, and keep your money in your wallet instead. Then, with huge amounts of cash in your wallet it would be obvious - even to you - that you're rich.
I could give you the number for people in the United States and you'd exclude yourself because you're not the top 1% of Orange County. If you are richer than 99% of people, then yeah, you're rich. Deal with it. Somebody else is even richer? Cry me a river.
Specifically, 99% of people live on less than $22,000 per year. So if your incom is higher than $22,000, you are the 1%. Whatever you say of "the 1%" you are saying of yourself.
Yeah, it's the same idea. Microphone inputs are much more sensitive than speakers, so it happens a lot if you use a long mic cable but don't use the correct type, or if a connection is broken in the mic cable.
Am radio is basically the audio signal added to the radio signal. An antenna is a wire, and a wire is an antenna. So if you have a wire hooked up to a sound input which somehow does process the radio signal (such as by not being fast enough to do so), you can easily end up with just the AM audio coming through the wire/antenna to the audio input.
Which standards does links violate? As far as I know, ignoring tags (including script tags) is perfectly compliant with all standards.
It leaves out some features, of course. There are some things it does not do, but that's fundamentally different than doing it WRONG, as IE and Edge do.
Taximeters are tested for certification. The official takes it on a measured course and checks that it gives the correct mileage. Typically, it's allowed to be around 4% under or 2% over, something like that so to be safe you try to make it 1% under, which gives you 3% margin of error either way.
I was involved in designing and implementing an app called Cross Cabbie. We're more accurate than the traditional meters.
Actually the city councilman I mentioned, who is my stepdaughters' half-brother, grew up one block from crackville. His stepmom was a streetwalker for a while. So not exactly rich and entitled. Your neighborhood has a state representative too. That's a representative to your STATE legislature, not Congress. It might be interesting to look up who your state rep and city council reps are - they're your neighbors, quite unlike the US Senate.
If you think you know everyone who your pastor, your dad, AND your teacher talk to, and you're not in a very small town, you might want to talk to your teacher - because you need to review multiplication. The odds that you know all 8,000 people that any of them do is pretty slim.
You think they can make mandatory regulations about APs without defining what they mean by AP? Of course they have to define which types of devices fall under which rules.
I speak as though this is largely a done deal for two reasons. First, the basic change officially went into effect June 2015 - the official time for comment is actually over and the rules are technically in effect. Secondly, the commission has indicated they aren't too open to different approaches- they pretty much plan to implement the rest of the proposal as-is. Hopefully that will change.
Coke, Charmin, Tide and other major national brands spend billions on TV advertising, putting their logos on race cars, blimps, and all sorts of non-clickable ads.
Notice I listed major national BRANDS, not major national PRODUCTS. It's all about branding. When you're ready to buy a router, you look and probably see options in three categories:
Top brands, Cisco and Juniper.
Brands you've never heard of, like Raytel.
Brands you recognize but don't know much about.
Most people will prefer to avoid brands they've never heard of. Just having seen the name before increases our confidence in the product. Any ad gets them out of the lowest category, "never heard of that brand". It's also a required stepping stone before a brand can make it to "top brand" status like Cisco or BMW.
I'm on my (small) phone right now, so I'm not going to look up links right now.
I don't think the FCC sees beacon frames as a big deal in and of themselves. Rather, they've decided to put strict controls on APs. That requires defining what an AP is. Beaconing is a defining characteristic of APs and that's the one that happened to choose for their regulatory definition. As I mentioned, they are aware that pulls in some devices normally considered clients, such as cell phones and simple dumb dongles, but they have to have SOME definition, and they chose beacon frames as their definition.
U-NII is the 5Ghz band, used by 802.11a and 802.11.
Your rPi will probably need to use an old WiFi dongle because for new sales, anything that is capable of sending beacon frames is classified by the FCC as an AP and must comply. The FCC has issued special guidance clarifying that items previously treated as client devices are now APs if they can beacon.
You'd think that if the FCC tried something so ham-fisted it would be news, it would be all over the tech sites. IT IS. The instruction to manufacturers is only two pages. You can read it as quickly as you can ponder about what it might say and discuss your guess.
> (Dang English and all the Homophones.... )
Those homos annoy you, eh?
You've clearly thought about what would be reasonable for the FCC to do, given their mandate. You then assumed that they've done what would be reasonable. Here are the -actual- requirements which manufacturers must now include in their application for FCC approval. (Link to FCC application requirements document below). This one makes it pretty clear, doesn't it?:
2. What prevents third parties from loading non-US versions of the
software/firmware on the device? Describe in detail how the device is protected
from âoeflashingâ and the installation of third-party firmware such as DD-WRT
You said " would be extremely surprised if any language in the proposal itself could be interpreted as ... OpenWRT ". Well I guess you're surprised, because bam, they said it has to be protected from the installation of third-party firmware such an *WRT. Yeah, that's surprisingly unreasonable, which is why knowledgeable people are taking issue with it so much.
Here are a few more things that the FCC requires:
3. Describe in detail the authentication protocols that are in place to ensure that the
source of the software/firmware is legitimate. Describe in detail how the software
is protected against modification.
4. Describe in detail the verification protocols in place to ensure that installed
software/firmware is legitimate.
5. Describe in detail any encryption methods used to support the use of legitimate
software/firmware.
https://apps.fcc.gov/kdb/GetAt...
What you suggested, the -radio- settings being limited outside of the main OS on the device, is what I and other professionals are asking the FCC to do -instead-.
Your discussion of a general-purpose computer which happens to have an FCC-approved WiFi dongle (or mini-PCI card) attached shows how silly the FCC rule is, given that many routers in fact use FCC approved mini-PCI cards internally. Specifically, some Linksys models I've opened up have a standard mini-PCI card inside and it is (or possibly, was*) legal to sell the card without the plastic case and other bits that make up the Linksys router. Consumers could put that card onto any board, running any OS. But it's suddenly not legal to sell the same card preinstalled. That may sound too ridiculous to be true. Which is why we're trying to make it cease to be true.
* It's quite possibly illegal to sell the mini-PCI cards now because they are capable of generating beacon frames. The new rules say that anything which -can- generate a beacon frame is an AP. Which includes your Android phone that allows WiFi tethering. That's an AP now, and must have a locked bootloader. Yeah, that's beyond what the FCC should be doing to control radio power. It's a silly, ham-fisted approach. That's why we're writing the letters.
The summary says it's eMMC. MMC is basically SD cards. eMMC is embedded MMC - basically an SD card built-in.
Right now on Newegg you can get a pair of 128GB cards (256GB) for $69.
http://www.newegg.com/Product/...
So $280 per TB is current best pricing for MMC in Newegg.
Compare an actual SSD. Low-end best price at Newegg is $343 for a TB ($300 for 960GB), with better quality SSDs costing over $1,000.
Neither is TERRIBLY expensive for 8TB, if you really need 8TB of flash, but 8 1TB true SSDs would cost about the same as 8TB of MMC.
Have you read -about- the proposal and not read the proposal itself?
The proposal specifically calls on manufacturers to prevent the use of OpenWRT, by name. OpenWRT is an operating system, not radio firmware.
The firmware in routers is very often Linux. Since Linux is open source, you can download the firmware for many routers and see for yourself. the firewall on the router is the same iptables firewall that runs on my desktop and my laptop. See OpenWRT and the *WRT distributions which are variants of the Linksys firmware for more.
Many of the manufacturers selling routers sold in big-box stores, such as Linksys, have wanted to save a couple of dollars by having a couple MB less memory, they've transitioned to another Unix-like OS that's tailored to lower memory devices, but it's still very much like the Linux they were using.
Below is the text of another comment a career security professional (myself) submitted to the FCC on this issue. Specifically, this is regarding the FCC's proposal to essentially outlaw open routers, by requiring that the firmware be boot-locked.
Based on 18 years of professional experience in network security, in both the private sector and government, the proposed rule causes significant concern for information security posture. There are three primary reasons. The legitimate goals of the FCC could be achieved in an alternate manner which does not cause the same widespread security vulnerabilities, by instead requiring that output power levels and any other critical parameters be limited to legal levels by a separate chip. This approach would be far superior to effectively banning proper security practice for the ENTIRE operating system and all utilities on the device, as the current proposal does.
1
The proposed rule which requires that manufacturers disallow firmware updates (other than signed manufacturer updates, typically provided for only a very short time), makes it much more difficult to prevent incidents such as the $45 million loss at TJX and the Target breach. In both cases, the victim companies were initially targeted because insecure wifi devices were in use. To reduce future occurrences of such breaches, it is imperative to be able to update devices which use wireless networking. Especially when a vulnerability such as Shellshock is discovered, it is imperative that risks be mitigated immediately.
Updates provided by the manufacturer may at first seem to be a possible solution, but are not actually a viable solution for two reasons. Manufacturers generally do not provide long-term updates, updates for devices more than about one-two years old. In many cases, no updates are offered at all to handle issues after the date of sale. It is not reasonable to anticipate that organizations and families will replace their network gear every year or two - firmware updates are needed, including for devices which are a few years old. Perhaps ESPECIALLY for devices which are a few years old.
Secondly, updates from the manufacturer are not a viable solution for more sensitive government and private organizations due to the response time required. In the first 24 hours after the release of Shellshock, thousands of systems were compromised. For many networks, it is critically important to mitigate the threat during this initial time frame. Manufacturer full updates were not available for several days to several months, as we first discussed the best long term solution and that solution propagated downstream from the authors, to the subsystem maintainers, distribution maintainers, OEM repackagers, and finally out to customers after testing at each level. In the meantime, temporary MITIGATIONS were performed on-site by network engineers and security contractors. These vital mitigations which protected sensitive networks in the interim would be illegal and prevented by manufacturer locks under the proposed rule. In simple terms, the proposal makes it illegal to manufacturer equipment which can be _quickly_ protected against new threats to our cyber security.
2
Another reason that the proposed rule is problematic is that the manufacturer default firmware, with all available features designed to be as easily accessible as possible, is not appropriate for any environment in which security is a concern. A central tenet of information security, and security in general, is that the attack surface should be as small as possible - services not needed for a particular installation should not be installed and enabled. The only software which definitely cannot be exploited is software which is not installed or not enabled. Therefore, the most secure firmware tends to be that with as many features _removed_ as possible, with only those items required for the current role installe
I'm curious what the development process is, especially for the software. It seems to me it would be very bad to have a bug show up while you're trying to image Pluto. It has to be reliable and bug-free, to the greatest extent possible. What techniques and processes are used to have a high degree of confidence that the code they are developing is absolutely correct? Are some of those processes applicable to other types of software development, in which finding and fixing bugs is expensive, though not nearly as expensive?
What he said is that Clinton's bungle had the -effect- of hurting her campaign. She didn't fuck it up -in order- to damage her campaign. And the Obama State Department has said very clearly many times that she fucked up. It was a political gaffe to "take credit" for exposing her incompetence or disinterest in doing her job.
Btw since some people take that joke seriously, here's what actually happened :
NASA spent dozens of dollars buying pens built to write upside down. After selling a handful of "upside down" pens to NASA, the company started marketing it as the "Space Pen".
Initially, the Russians had a problem with cosmonauts inhaling graphite dust as they wrote, until they too spent $20 on pens.
On the other hand, the AVERAGE time between when the federal government orders a PC until it's booted is 4 1/2 years. So they order (and pay for) new computers, which are mostly deprecated by the time they power on for the first time. These bureaucratic delays create an opportunity for suppliers. They get a contract at market price for current-gen computer specs, then years later deliver outdated and therefore cheaper equipment.
With the exception of Atlantic states and California, the rest of the country wants *more* independence from Washington ; at least they vote for it. They want something more like the federal system that the founders envisioned and codified in the Constitution with the enumerated powers. For example, they don't want Obama deciding what their kids eat for lunch.
The Constitution lists a dozen things that the national government is allowed to do and specifies that everything not listed is the domain of the states or the individuals. It seems the majority want it to be more like that - evidenced by the fact that they vote for representatives who campaign on that principle. I tend to agree - Texas isn't exactly like Washington DC or Maryland. We want to do some things differently than they do them in Maryland. Heck, the abundance of space, of available real estate, makes a big difference several times per day.
That's an interesting question. I only know PART of the answer. Two parts, to be precise.
First, there ARE procedures in place, and documents containing classified information are supposed to remain on the secure network, not be transferred to an insecure network (except in a defined way). It's supposed to be inconvenient (not "easy") to accidentally export top secret information. Employees who violate these policies can be fired or even jailed. Mrs. Clinton appears to have largely ignored these systems. When she RECIEVES classified information over an insecure channel, it's easy to forward that information through the same insecure channel.
Another point is that sensitive -information- is to be secured, not the paper it's printed on. Even if Clinton had used a separate secure channel to receive top secret information, only self-discipline can prevent her from blabbing about it at a cocktail party, or typing it up in an email. No -technical- means can stop her from saying things she knows (or suspects). It's the information that's classified, not the spund wave of the call she heard it on. Mrs. Clinton has gone to great lengths to confuse this issue.
That's an interesting thought. Parts of Europe did have a different model at that time. On the other hand, the UK was unified a hundred years before the Constitution. In other parts of the world, outside of Europe, nation states such as Egypt and Japan -FAR- existed for thousands of years.
I'm curious too how exactly that applies. It seems to me that the culture of Louisiana is quite different from Vermont, which is again quite different from Montana or Georgia. Do you think that the Creole people, the Cajuns, and others should have more of their own state, to be more along the lines of the nation state model?
I missed a word. Her initial statement was that there was NO classified information on the server.
That changed to "didn't send or receive classified documents", then "didn't send", then "didn't mark".