Well, whatever your situation or thoughts may be, the fact remains that I exist. Though I perhaps not as well known as Robert, my contributions to the technologies we're using to communicate right now are well documented. I didn't go $60,000 into debt to do so. I read the books myself, and did not pay a professor to stand in front of me doing the lecture. I DID watch a lot of well-known experts present information on video. These arw the facts. Your path is your path, but it's not the only path.
See also Winterbottom v. Wright (1842). Winterbottom, a postal service wagon driver, was injured due to a defective wagon wheel. Winterbottom sued. Held: The wagon was provided to Winterbottom by the postmaster. Winterbottom can file a claim only against the postmaster, with whom he has dealings.
It is the postmaster who received assurances from Wright, so the postmaster can sue Wright. Winterbottom cannot "skip a step" and sue Wright.
Later cases clarified that if the manufacturer KNOWS the product is defective, and they intentionally or recklessly put a defective product into the marketplace, that's a tort (an unlawful act causing injury). In such a case, if neither the retailer nor the purchaser is able to discover the defect, the manufacturer may be liable because of their unlawful act which is intentional or reckless.
If a third-party could prove that not was the car defective, but the manufacturer knew it was defective, they could recover from the manufacturer. It would be a heck of a lot easier, cheaper, and more winnable to just recover from the person who put the car on the road, though, the person who commanded it to go drive on the public road. They are definitely liable.
There are other fine points and many cases on the subject. I don't have time to write a book about it, but those are the big principles.
In any event, in the self-driving car case, in practical reality for the foreseeable future, the manufacturer will also be insuring the driver, so they'll end up paying either way. Doesn't matter if they pay because they are the owner's insurer or if the pay because they are the manufacturer - either way they'll be the ones to pay.
About 1,500 artists currently have active contracts with record labels in the US.
About 15 million artists are listed on Myspace.
You seem to be thinking that only artists advertised by a major label are worth listening too. Most artists featured in marketing campaigns by major labels are signed to the labels that market them, yes. The question is, are you looking for marketing, or for music? The labels provide most of the marketing, and 0.0001% of the music.
99.9% of musicians DO retain their full rights, and don't sign over anything to record companies.
Of course, record companies aren't going to spend millions of dollars promoting an album they don't own / can't sell exclusively. Heck they won't even spend a million producing an album that they don't have exclusive rights to.
Therefore, 99.9% of artists can be found on Myspace and YouTube, not in the Columbia rack at Best Buy.
> It's not really 438 people, it's 438 third-party applications and therefore 438 organisations.
Good point. I guess some organizers could have made more than one app, so technically up to 438 organizations, but your point stands.
> it seems quite misleading to go out and say that there is no evidence that this was used.
I've been doing cybersecurity professionally for fifteen years. Every day I and my team find thousands of vulnerabilities. Essentially every company has vulnerabilities. Two days ago was patch Tuesday. Microsoft released fixes for 37 new vulnerabilities, just like they do every month. Everybody using Windows is vulnerable to all kinds of stuff, dozens of new ones every month.
Heck, it would probably be accurate to say 95% of all software applications have vulnerabilities. So if you want to know roughly how many vulnerabilities your organization has, count up how many software applications you use. That's probably about how many vulnerabilities you have, within an order of magnitude.
So roughly all of our customers were vulnerable to at least some of Windows vulnerabilities that were released Tuesday. How many were breeched? Approximately none. Our company also does intrusion detection, and successful breeches are orders of magnitude less common than vulnerabilities. As a professional, these are two very, very different findings I can make:
1. A company has a specific vulnerability (much like all the vulnerabilities every other company has).
2. There is evidence of an actual breech.
These are very different things. One is as common as water, the other is a major event. It would be very misleading to conflate the two.
There were 400 people who could have accessed a list og names and email addresses if they figured out how, and there is no reason to believe any of them did.
If that's the standard for a situation that has to be reported, nearly every company in the world has a situation to report, because there are 400 people who can access customer data, if they figure out how.
For every large company, 400 employees have some access to customer data. For all the smaller companies, half of the attendees at Defcon (7,000 people) could access their data - and that's 7,000 people just in one room.
Actually never mind hackers, have you ever heard of a phone book? That's a much larger list of names, and the phone book even includes physical addresses. It's delivered to everyone, not just available to a few hundred people.
If it were credit card information, as opposed to phone book information, that would have been different. My company once had a potential vulnerability that could, in theory, expose credit cards, though that was unlikely. I personally called every customer who could have been affected and let them know they should check their credit card statement just in case.
> The ONLY reason is so the person can't call you back directly
Mine sets the caller ID so that they CAN call back, or see who is calling. So precisely the opposite of what you thought the "ONLY" use is. And in order to make the caller OD be accurate, we have to set it ("spoof" it) to be a number we don't control.
It's a local non-profit organization, made up of several volunteers who can help people in certain situations. Other cities have similar organizations. People needing help can call us. Most of the calls are asking the same question, so a recording can answer that question, but a few people need to talk to a live immediately. People who need help call and get basically two options: For location and directions, press 1 To talk to a live person, press 2
If they press 2 to talk to a live person, the system forwards the calls, dialing out to volunteers until it finds a volunteer who can answer. This is called call hunting, or a hunt group - finding someone who can take the call. It then routes the incoming call to the volunteer.
In order for the caller ID to be *accurate*, our system sets the caller ID on the outgoing calls to be - the number of the person who is calling. If Fred calls, the person receiving the call gets Fred's number on the caller ID, because Fred is calling.
The phone company has no way of knowing that Fred is on the other side of the call. They only know that our system is making / routing a call out.
Other people have posted other valid uses, largely around making the caller ID accurate or useful. The thing is, the phone company doesn't know who initiated the call, only which system is routing the call to them. They have no technical means to restrict it to be accurate about who initiated the call because they have no way of knowing who initiated the call.
If by chance you're familiar with network routing, it works the same way. Suppose your router tells your computer "I have an incoming connection for you from 123.45.67.89â. Can your computer know if the router is telling the truth? Nope, your computer only knows that your router at 192.168.1.1 is trying to pass the connection to you. It has no way of knowing where the connection originated, other than to trust all of the routers along the way.
First let's be clear it's not about fault, it's about liability. It's a question of who needs to pay the bill to get the damage fixed, not who is a bad boy.
If my dog bit your kid, causing damage, you could expect me to pay for at least the medical bills, because it's my dog. I'd like to not because I did anything wrong, but because it's my dog that did the damage.
Just by getting a dog I took on the risk that the dog would cause damage. (You and your kid didn't choose for me to get the dog, and so didn't assume the risk).
If my car slips out of park and rolls down the hill, hitting your car, I could expect me to pay to fix the dent. I'd be liable because it's my car that did the damage, not because I necessarily did anything wrong.
I do pyrotechnics (fireworks). I'm VERY careful, reminding professionals I work with of the safety procedures. If my fireworks do any damage, the owner can expect me to pay for it. Not because I did anything wrong, but because it's my fireworks that burned the paint on their car.
Separately, if my new car tends to slip of out gear and roll down even very gentle slopes I may expect the manufacturer to compensate me for any damage, and fix the car. The manufacturer may be liable to me, if the car shouldn't have done that. The manufacturer and I could argue about whether I parked it on a slope that's far to steep, or argue about tif I should have used the parking brake.
If my car hits your car, it doesn't matter TO YOU whether or not I used the parking brake. My car hits yours, so I need to fix the damage. You don't care whether or not I recoup the money from the manufacturer. You just know that my car rolled into yours, and you rightly expect me to cover the costs.
Hopefully I bought insurance which will cover my cost in all of the above scenarios, but again that's of no consequence to you. You'd expect me to cover any damage causes by my stuff whether I get the money from my savings or from my insurance company.
In the specific case of *fully* autonomous cars, probably the owner would say it's the manufacturers fault almost every time. Perhaps the owner sent the car out in a blizzard and that's their fault, but most times the owner will want the manufacturer to pay. Because of that, for the practical purpose of avoiding law suits it's convenient to have the manufacturer serve as the owner's insurance company. That way the manufacturer/insurer will pay either way, whether it's the owner's fault or the manufacturer's fault. Doesn't matter whoee fault it is if the manufacturer also provides the owner with insurance that covers any fault the owner may have.
> What on earth does my occupation have to do with this and why should it have anything to do with the topic at hand?
Just curious why you're so intent on insisting that my life doesn't exist. It *seems* kinda like for whatever reason you have some vested interest in insisting that one can't learn this stuff without incurring massive debt. One reason a person might take that position would be if they were SELLING $60,000 degrees. Another reason would be if they had spent $60,000 they couldn't afford and don't want to feel foolish about that decision. I'm sure there are other reasons someone might be invested in such an idea. Just curious what your reason is.
> Why would Georgia Tech's online masters course be any different?
Because being different from the centuries-old educational model is pretty much what the program is all about. They started with a blank slate and asked "what's the best and most efficient way for people to learn this material, given current technology and the current world?". Most programs start with the traditional university model which was created at the University of Paris and Oxford in the 12th century, then make small adjustments.
What about it? Are you asking whether the owner of rhe vehicle will be liable, or the manufacturer?
Both. The manufacturer will ultimately pay the bill, but I I buy a device and send my device out on the road, where it injures you, you're claim is against me.
Just as I as a driver have an agreement with an insurance company to cover my liability, the owner of an autonomous vehicle have coverage from the manufacturer. Essentially the manufacturer serves the same role as an insurance company as far as how a suit would proceed. This makes sense because it avoids the need to deal with the question of whether the owner or the manufacturer is at fault - the manufacturer is going to pay the bill anyway.
Thanks for the reminder. I had seen that before but forgot.
You are correct, it is slated foe removal after it is replaced with Certification Authority Authorization and Expect Certificate Transparency. High risk sites such as banks can implement both pinning and Expect-CT, along with HSTS, to be protected both now and in the future.
Before implementing pinning, one should consider the potential problems that can occur if you lose your key and make darn sure there is a secured off-site backup of the key.
You do realize that the very fastest in country, competing in the unlimited class, are by definition highly unusual, right?
The average hobbiest runner runs about 8 MPH. The average person slower than that. Usain Bolt goes 28 MPH. Pretending that world record numbers are typical would be pretty silly.
> > Every browser should track every certificate and scream blue murder if the certificate is ever changed : "alert alert alert, this website you've been dealing with for 3 years suddenly has a new certificate from a new authority, go see WTF is happening".
> Except that nobody has come up with a better way
The better way is called "certificate pinning" and it works just the way the GP described. Your browser won't accept a Symantec certificate for Google.com because it knows Google gets its certificates from a different CA.
Certificate pinning is opt-in for web sites, sites can decide if they want their certificate pinned, because they may want to change CAs in the future.
> But most of the current furor over abuse and privacy and safety are about precisely the "second" set of drones you mention. In common usage, those are what most people mean by drones, and they are what will be affected most strongly by removing section 336
I suspect most of the fear and furor is from confusing the second set, toys, with the third set, large commercial vehicles ala Amazon. If people are seriously worried about their safety from other people playing with toys, they are not well informed about the topic. I have the most common "large" size quadcopter, same size as the DJI Phantom, and I've grabbed it by the rotor while it was flying. Didn't hurt. The plastic props arw *designed* to not cause injury. The prop on my model plane did hurt. Not enough to cause lasting injury, but a bandaid was appropriate. The "drone" prop didn't merit a band-aid.
If you're concerned about YOU getting injured because I play with a toy, I invite you to come check it out and see what it's like. I suspect you'll be particularly surprised how light it is. The physics of flight are a bit complicated, but all kinds of flight equations end up with the same conclusion - the lighter the better for flight, and very much so. I'll also invite you to feel the nylon props and I think you'll be surprised how soft they are - a bit harder than a pencil eraser.
As it happens, other government agencies are pretty picky about the safety of toys. Toys aren't supposed to injure the people using them, so anyone who isn't even touching the toy is pretty darn safe. Someone riding a bike is much more likely to hurt you - bikes are much, much heavier, and made of metal. Model aircraft are made of plastic and foam.
The section in question applies to small model planes uses only for recreation (no commercial use). In other words, toys. For decades model aircraft have been just fine using compliance with AMA rules, without a bunch of paperwork with the FAA for each foam plane.
The word "drone", used in the title, has at least three completely different meanings.
In the military, a "drone" is an aircraft, normally fixed-wing (an airplane) which has some degree of ability to operate autonomously.
Around the same time that new military drones were in the news, toy helicopters with four motors (quadcopters) became popular. Advertisers capitalized on the media coverage of military drones by calling these toys "drones", though they can in no way fly autonomously. Most can't go more than about 100 meters from the operator (though a few can go further).
Thirdly, although the physics are such that quadcopters are horrible for scaling up, some people thought about building 2 meter sized quadcopters and using them commercially. There have been some serious proposals, but largely that's gimmick to get attention because the physics don't work out very well. Anyway, that's a third thing called "drone" that's very different from military jets, and very different from little plastic toys.
Talking about what laws should be for "drones" doesn't make much sense because military jet planes are called drones, little plastic toys are called drones, and motorcycle-sized commercial aircraft are called drones. Talking about laws for "drones" is pointless, or worse, highly misleading, unless you first define which kind of "drone" you're talking about.
Section 336 is about model aircraft, little foam and plastic toys. Getting rid of it won't solve any concerns anyone may have with anything else called "drone", such as the commercial use vehicles Amazon talks about.
If you're talking directly to the origin server, you're trusting a) the public certificate authority.
If you're talking to a proxy, which then talks to the origin server, you're trusting:
a) Your local admins not only set up the proxy securely, but have kept updating the configuration every few months to stay up with the latest attacks.
b) The proxy vendor got it right, and keeps it updated.
c) the proxy server (which has the unecrypted data) hasn't been compromised
d) the certificate authority
The proxy is strictly weaker, in an absolute sense, because it requires trusting the certificate authority PLUS trusting the local admins get it right and keep it right, PLUS trusting the vendor of the proxy. You have to trust the same original CA plus two more groups of people, plus trust that the proxy server itself is insecure, that the server OS etc hasn't been exploited.
Therefore the proxy is more dangerous in an absolute, mathematical sense. It's not even debatable because adding more ways to fail *always* makes it weaker.
I'm not sure I'm understanding your question. Can you rephrase it?
I'm curious about your situation - are you employed by a university, or do you have $60,000 in student loans that you hope are worth it? For some reason you seem VERY resistant to the idea that people, including myself, can and did learn this stuff without spending $60,000 on the basics, before starting work. I'm wondering why that could be.
Some of those expensive university comp sci courses used a book my mom wrote. She didn't have $60,000 in student loans when she *wrote* the book, so...
As you correctly stated, they can't void the warranty regarding unrelated problems because a customer used unauthorized parts. In other words, if you put in a knock-off keyboard, then later have a problem with the screen, they can't say the screen isn't warranteed because you replaced the keyboard.
Where do you see them trying to do that? The Magnuson-Moss Warranty Act is about warranties (hence the name). It doesn't say "manufacturers mist make it easy to repair products". It doesn't say "manufacturers must somehow make sure that knock off parts always work right". It only says that the warranty on part A can't be conditioned on using OEM part B.
I gave you the link to the law. Yet rather than reading it you keeping wishing about it. Do you think it's going to change if you keep typing? The US Code actually isn't social media, nothing you post here is going to change the Magnuson-Moss Act. No matter how much we might wish it said whatever, it says what it says.
Average cost of $15,000 minus $3,000 tax credit = $12,00
Want to dig some more, or maybe now you know that some of us found a way to a six-figure salary without any student loan debt at all, you could consider that you could do the same. You could trade in your excuses for a $100,000 / year X 10 years = $1 million. Which would you rather have, a million dollars, or your excuse? Your choice.
Slashdot Mirror
Well, whatever your situation or thoughts may be, the fact remains that I exist. Though I perhaps not as well known as Robert, my contributions to the technologies we're using to communicate right now are well documented. I didn't go $60,000 into debt to do so. I read the books myself, and did not pay a professor to stand in front of me doing the lecture. I DID watch a lot of well-known experts present information on video. These arw the facts. Your path is your path, but it's not the only path.
The term to Google is "privity of contract".
See also Winterbottom v. Wright (1842). Winterbottom, a postal service wagon driver, was injured due to a defective wagon wheel. Winterbottom sued.
Held:
The wagon was provided to Winterbottom by the postmaster. Winterbottom can file a claim only against the postmaster, with whom he has dealings.
It is the postmaster who received assurances from Wright, so the postmaster can sue Wright. Winterbottom cannot "skip a step" and sue Wright.
Later cases clarified that if the manufacturer KNOWS the product is defective, and they intentionally or recklessly put a defective product into the marketplace, that's a tort (an unlawful act causing injury). In such a case, if neither the retailer nor the purchaser is able to discover the defect, the manufacturer may be liable because of their unlawful act which is intentional or reckless.
If a third-party could prove that not was the car defective, but the manufacturer knew it was defective, they could recover from the manufacturer. It would be a heck of a lot easier, cheaper, and more winnable to just recover from the person who put the car on the road, though, the person who commanded it to go drive on the public road. They are definitely liable.
There are other fine points and many cases on the subject. I don't have time to write a book about it, but those are the big principles.
In any event, in the self-driving car case, in practical reality for the foreseeable future, the manufacturer will also be insuring the driver, so they'll end up paying either way. Doesn't matter if they pay because they are the owner's insurer or if the pay because they are the manufacturer - either way they'll be the ones to pay.
About 1,500 artists currently have active contracts with record labels in the US.
About 15 million artists are listed on Myspace.
You seem to be thinking that only artists advertised by a major label are worth listening too. Most artists featured in marketing campaigns by major labels are signed to the labels that market them, yes. The question is, are you looking for marketing, or for music? The labels provide most of the marketing, and 0.0001% of the music.
99.9% of musicians DO retain their full rights, and don't sign over anything to record companies.
Of course, record companies aren't going to spend millions of dollars promoting an album they don't own / can't sell exclusively. Heck they won't even spend a million producing an album that they don't have exclusive rights to.
Therefore, 99.9% of artists can be found on Myspace and YouTube, not in the Columbia rack at Best Buy.
> yeah right. they are spending billions over many years on something that isn't selling.
Yeah Microsoft would never spend 18 years
https://en.m.wikipedia.org/wik... and lose $30 billion
https://en.m.wikipedia.org/wik... on a platform that wasn't selling well. It's guaranteed to be a success https://www.theverge.com/2016/... if Microsoft spends billions on it.
Did you type that in a Lumia?
> It's not really 438 people, it's 438 third-party applications and therefore 438 organisations.
Good point. I guess some organizers could have made more than one app, so technically up to 438 organizations, but your point stands.
> it seems quite misleading to go out and say that there is no evidence that this was used.
I've been doing cybersecurity professionally for fifteen years. Every day I and my team find thousands of vulnerabilities. Essentially every company has vulnerabilities. Two days ago was patch Tuesday. Microsoft released fixes for 37 new vulnerabilities, just like they do every month. Everybody using Windows is vulnerable to all kinds of stuff, dozens of new ones every month.
Heck, it would probably be accurate to say 95% of all software applications have vulnerabilities. So if you want to know roughly how many vulnerabilities your organization has, count up how many software applications you use. That's probably about how many vulnerabilities you have, within an order of magnitude.
So roughly all of our customers were vulnerable to at least some of Windows vulnerabilities that were released Tuesday. How many were breeched? Approximately none. Our company also does intrusion detection, and successful breeches are orders of magnitude less common than vulnerabilities. As a professional, these are two very, very different findings I can make:
1. A company has a specific vulnerability (much like all the vulnerabilities every other company has).
2. There is evidence of an actual breech.
These are very different things. One is as common as water, the other is a major event. It would be very misleading to conflate the two.
There were 400 people who could have accessed a list og names and email addresses if they figured out how, and there is no reason to believe any of them did.
If that's the standard for a situation that has to be reported, nearly every company in the world has a situation to report, because there are 400 people who can access customer data, if they figure out how.
For every large company, 400 employees have some access to customer data. For all the smaller companies, half of the attendees at Defcon (7,000 people) could access their data - and that's 7,000 people just in one room.
Actually never mind hackers, have you ever heard of a phone book? That's a much larger list of names, and the phone book even includes physical addresses. It's delivered to everyone, not just available to a few hundred people.
If it were credit card information, as opposed to phone book information, that would have been different. My company once had a potential vulnerability that could, in theory, expose credit cards, though that was unlikely. I personally called every customer who could have been affected and let them know they should check their credit card statement just in case.
> The ONLY reason is so the person can't call you back directly
Mine sets the caller ID so that they CAN call back, or see who is calling. So precisely the opposite of what you thought the "ONLY" use is. And in order to make the caller OD be accurate, we have to set it ("spoof" it) to be a number we don't control.
It's a local non-profit organization, made up of several volunteers who can help people in certain situations. Other cities have similar organizations. People needing help can call us. Most of the calls are asking the same question, so a recording can answer that question, but a few people need to talk to a live immediately. People who need help call and get basically two options:
For location and directions, press 1
To talk to a live person, press 2
If they press 2 to talk to a live person, the system forwards the calls, dialing out to volunteers until it finds a volunteer who can answer. This is called call hunting, or a hunt group - finding someone who can take the call. It then routes the incoming call to the volunteer.
In order for the caller ID to be *accurate*, our system sets the caller ID on the outgoing calls to be - the number of the person who is calling. If Fred calls, the person receiving the call gets Fred's number on the caller ID, because Fred is calling.
The phone company has no way of knowing that Fred is on the other side of the call. They only know that our system is making / routing a call out.
Other people have posted other valid uses, largely around making the caller ID accurate or useful. The thing is, the phone company doesn't know who initiated the call, only which system is routing the call to them. They have no technical means to restrict it to be accurate about who initiated the call because they have no way of knowing who initiated the call.
If by chance you're familiar with network routing, it works the same way. Suppose your router tells your computer "I have an incoming connection for you from 123.45.67.89â. Can your computer know if the router is telling the truth? Nope, your computer only knows that your router at 192.168.1.1 is trying to pass the connection to you. It has no way of knowing where the connection originated, other than to trust all of the routers along the way.
I have a typo above. Instead of:
I'd like to not because I did anything wrong, but because it's my dog that did the damage.
That should be
I'm liable not because I did anything wrong, but because it's my dog that did the damage.
First let's be clear it's not about fault, it's about liability.
It's a question of who needs to pay the bill to get the damage fixed, not who is a bad boy.
If my dog bit your kid, causing damage, you could expect me to pay for at least the medical bills, because it's my dog. I'd like to not because I did anything wrong, but because it's my dog that did the damage.
Just by getting a dog I took on the risk that the dog would cause damage. (You and your kid didn't choose for me to get the dog, and so didn't assume the risk).
If my car slips out of park and rolls down the hill, hitting your car, I could expect me to pay to fix the dent. I'd be liable because it's my car that did the damage, not because I necessarily did anything wrong.
I do pyrotechnics (fireworks). I'm VERY careful, reminding professionals I work with of the safety procedures. If my fireworks do any damage, the owner can expect me to pay for it. Not because I did anything wrong, but because it's my fireworks that burned the paint on their car.
Separately, if my new car tends to slip of out gear and roll down even very gentle slopes I may expect the manufacturer to compensate me for any damage, and fix the car. The manufacturer may be liable to me, if the car shouldn't have done that. The manufacturer and I could argue about whether I parked it on a slope that's far to steep, or argue about tif I should have used the parking brake.
If my car hits your car, it doesn't matter TO YOU whether or not I used the parking brake. My car hits yours, so I need to fix the damage. You don't care whether or not I recoup the money from the manufacturer. You just know that my car rolled into yours, and you rightly expect me to cover the costs.
Hopefully I bought insurance which will cover my cost in all of the above scenarios, but again that's of no consequence to you. You'd expect me to cover any damage causes by my stuff whether I get the money from my savings or from my insurance company.
In the specific case of *fully* autonomous cars, probably the owner would say it's the manufacturers fault almost every time. Perhaps the owner sent the car out in a blizzard and that's their fault, but most times the owner will want the manufacturer to pay. Because of that, for the practical purpose of avoiding law suits it's convenient to have the manufacturer serve as the owner's insurance company. That way the manufacturer/insurer will pay either way, whether it's the owner's fault or the manufacturer's fault. Doesn't matter whoee fault it is if the manufacturer also provides the owner with insurance that covers any fault the owner may have.
> What on earth does my occupation have to do with this and why should it have anything to do with the topic at hand?
Just curious why you're so intent on insisting that my life doesn't exist. It *seems* kinda like for whatever reason you have some vested interest in insisting that one can't learn this stuff without incurring massive debt. One reason a person might take that position would be if they were SELLING $60,000 degrees. Another reason would be if they had spent $60,000 they couldn't afford and don't want to feel foolish about that decision. I'm sure there are other reasons someone might be invested in such an idea. Just curious what your reason is.
> Why would Georgia Tech's online masters course be any different?
Because being different from the centuries-old educational model is pretty much what the program is all about. They started with a blank slate and asked "what's the best and most efficient way for people to learn this material, given current technology and the current world?". Most programs start with the traditional university model which was created at the University of Paris and Oxford in the 12th century, then make small adjustments.
What about it? Are you asking whether the owner of rhe vehicle will be liable, or the manufacturer?
Both. The manufacturer will ultimately pay the bill, but I I buy a device and send my device out on the road, where it injures you, you're claim is against me.
Just as I as a driver have an agreement with an insurance company to cover my liability, the owner of an autonomous vehicle have coverage from the manufacturer. Essentially the manufacturer serves the same role as an insurance company as far as how a suit would proceed. This makes sense because it avoids the need to deal with the question of whether the owner or the manufacturer is at fault - the manufacturer is going to pay the bill anyway.
Thanks for the reminder. I had seen that before but forgot.
You are correct, it is slated foe removal after it is replaced with Certification Authority Authorization and Expect Certificate Transparency. High risk sites such as banks can implement both pinning and Expect-CT, along with HSTS, to be protected both now and in the future.
Before implementing pinning, one should consider the potential problems that can occur if you lose your key and make darn sure there is a secured off-site backup of the key.
You do realize that the very fastest in country, competing in the unlimited class, are by definition highly unusual, right?
The average hobbiest runner runs about 8 MPH. The average person slower than that. Usain Bolt goes 28 MPH. Pretending that world record numbers are typical would be pretty silly.
> > Every browser should track every certificate and scream blue murder if the certificate is ever changed : "alert alert alert, this website you've been dealing with for 3 years suddenly has a new certificate from a new authority, go see WTF is happening".
> Except that nobody has come up with a better way
The better way is called "certificate pinning" and it works just the way the GP described. Your browser won't accept a Symantec certificate for Google.com because it knows Google gets its certificates from a different CA.
Certificate pinning is opt-in for web sites, sites can decide if they want their certificate pinned, because they may want to change CAs in the future.
> But most of the current furor over abuse and privacy and safety are about precisely the "second" set of drones you mention. In common usage, those are what most people mean by drones, and they are what will be affected most strongly by removing section 336
I suspect most of the fear and furor is from confusing the second set, toys, with the third set, large commercial vehicles ala Amazon. If people are seriously worried about their safety from other people playing with toys, they are not well informed about the topic. I have the most common "large" size quadcopter, same size as the DJI Phantom, and I've grabbed it by the rotor while it was flying. Didn't hurt. The plastic props arw *designed* to not cause injury. The prop on my model plane did hurt. Not enough to cause lasting injury, but a bandaid was appropriate. The "drone" prop didn't merit a band-aid.
If you're concerned about YOU getting injured because I play with a toy, I invite you to come check it out and see what it's like. I suspect you'll be particularly surprised how light it is. The physics of flight are a bit complicated, but all kinds of flight equations end up with the same conclusion - the lighter the better for flight, and very much so. I'll also invite you to feel the nylon props and I think you'll be surprised how soft they are - a bit harder than a pencil eraser.
As it happens, other government agencies are pretty picky about the safety of toys. Toys aren't supposed to injure the people using them, so anyone who isn't even touching the toy is pretty darn safe. Someone riding a bike is much more likely to hurt you - bikes are much, much heavier, and made of metal. Model aircraft are made of plastic and foam.
The section in question applies to small model planes uses only for recreation (no commercial use). In other words, toys. For decades model aircraft have been just fine using compliance with AMA rules, without a bunch of paperwork with the FAA for each foam plane.
The word "drone", used in the title, has at least three completely different meanings.
In the military, a "drone" is an aircraft, normally fixed-wing (an airplane) which has some degree of ability to operate autonomously.
Around the same time that new military drones were in the news, toy helicopters with four motors (quadcopters) became popular. Advertisers capitalized on the media coverage of military drones by calling these toys "drones", though they can in no way fly autonomously. Most can't go more than about 100 meters from the operator (though a few can go further).
Thirdly, although the physics are such that quadcopters are horrible for scaling up, some people thought about building 2 meter sized quadcopters and using them commercially. There have been some serious proposals, but largely that's gimmick to get attention because the physics don't work out very well. Anyway, that's a third thing called "drone" that's very different from military jets, and very different from little plastic toys.
Talking about what laws should be for "drones" doesn't make much sense because military jet planes are called drones, little plastic toys are called drones, and motorcycle-sized commercial aircraft are called drones. Talking about laws for "drones" is pointless, or worse, highly misleading, unless you first define which kind of "drone" you're talking about.
Section 336 is about model aircraft, little foam and plastic toys. Getting rid of it won't solve any concerns anyone may have with anything else called "drone", such as the commercial use vehicles Amazon talks about.
If you're talking directly to the origin server, you're trusting
a) the public certificate authority.
If you're talking to a proxy, which then talks to the origin server, you're trusting:
a) Your local admins not only set up the proxy securely, but have kept updating the configuration every few months to stay up with the latest attacks.
b) The proxy vendor got it right, and keeps it updated.
c) the proxy server (which has the unecrypted data) hasn't been compromised
d) the certificate authority
The proxy is strictly weaker, in an absolute sense, because it requires trusting the certificate authority PLUS trusting the local admins get it right and keep it right, PLUS trusting the vendor of the proxy. You have to trust the same original CA plus two more groups of people, plus trust that the proxy server itself is insecure, that the server OS etc hasn't been exploited.
Therefore the proxy is more dangerous in an absolute, mathematical sense. It's not even debatable because adding more ways to fail *always* makes it weaker.
Scamming people is illegal.
Caller ID spoofing of this type is illegal under the Truth in Calling Act.
Unfortunately the criminals don't follow the law. That's a concept some people forget often.
"Have you rebooted it? â
You're THAT guy. I see.
Raymorris: Your router at 67.3.4.1 has a routing loop with the one at 67.18.9.4. Both are sending the traffic to each other, in a circle.
Support: Let's reboot your computer.
Raymorris: May I please speak to someone who is allowed to touch your equipment.
My ISP's regional network manager gave me his cell.phone number after a couple of those calls.
I'm not sure I'm understanding your question. Can you rephrase it?
I'm curious about your situation - are you employed by a university, or do you have $60,000 in student loans that you hope are worth it? For some reason you seem VERY resistant to the idea that people, including myself, can and did learn this stuff without spending $60,000 on the basics, before starting work. I'm wondering why that could be.
Some of those expensive university comp sci courses used a book my mom wrote. She didn't have $60,000 in student loans when she *wrote* the book, so ...
As you correctly stated, they can't void the warranty regarding unrelated problems because a customer used unauthorized parts. In other words, if you put in a knock-off keyboard, then later have a problem with the screen, they can't say the screen isn't warranteed because you replaced the keyboard.
Where do you see them trying to do that? The Magnuson-Moss Warranty Act is about warranties (hence the name). It doesn't say "manufacturers mist make it easy to repair products". It doesn't say "manufacturers must somehow make sure that knock off parts always work right". It only says that the warranty on part A can't be conditioned on using OEM part B.
"The keyboard doesn't work" is option B.
I gave you the link to the law. Yet rather than reading it you keeping wishing about it. Do you think it's going to change if you keep typing? The US Code actually isn't social media, nothing you post here is going to change the Magnuson-Moss Act. No matter how much we might wish it said whatever, it says what it says.
> So you're just gonna leave out the previous $40,000+ for the undergrad degree
https://www.wgu.edu/financial-...
Average cost of $15,000 minus $3,000 tax credit = $12,00
Want to dig some more, or maybe now you know that some of us found a way to a six-figure salary without any student loan debt at all, you could consider that you could do the same. You could trade in your excuses for a $100,000 / year X 10 years = $1 million. Which would you rather have, a million dollars, or your excuse? Your choice.
I've found the Android / Google keyboard autosuggestions quite useful in a chat app I use. I suppose I tend to frequently use the same phrases there.