That was my first thought. Then it occurred to me I don't recall hearing this ever happen before at an airport. Perhaps they have sufficient backup systems to handle any expected power outage, but those backup systems failed for whatever reason, or transitioning to them failed. I'm sure they've needed to switch to backup power before; we probably didn't hear about it because it switched over just fine in the past.
I've seen incidents where a web server had two independent backups that both failed. Good, redundant design can give you 99.999% uptime, but Murphys law is always awaits.
When people ask "what do you do?" I tell them what my project accomplishes, not the technical details of HOW I do it.
Here are the "what do you?" answers for my jobs over the years:
I help large porn sites become easier and more fun to use, so people can find the porn they like quickly, and not have annnoying technical problems like videos that take forever to load. (I wrote software as a means of getting my job done).
I run a company where we do security for porn sites, to help keep porn sites from getting hacked.
I build new features for the university's online campus.
I build tools to find security problems in corporate networks and tell the company how to fix things to be more secure.
For all of these jobs a I used programming languages, research, an understanding of customer needs and budget. I used email, I used a desk. Programming languages and email were tools I used to do my job, but my job is something else, something that people can understand.
If the programming is just a tool, to build something such as ebay.com or Android Auto, why talk about the tool?
Q: What do you do? A: I build new features for Facebook.
Q: What do you do? A: I develop automatic safety systems for cars, such as collision avoidance.
Q: What do you do? A: I create tools to find and fix security weaknesses in corporate networks.
All of those jobs include programming as a method to do the job, and all are understandable. The last answer is what I do, I build "hacking tools", tools to find security weaknesses. Yes I use various programming languages to do that. I also use RFCs, Wireshark, experience in the field, news sources, etc. The phone programming language is one of many tools that I use to do my job. My job is to build tools that find security holes.
Netflix may certainly grow. A LOT of people are Netflix subscribers now. I wouldn't be surprised if they eventually get 50% more subscribers. They need ten to a hundred times as many subscribers in order to justify their *current* stock valuation, and I don't see that happening.
> Which won't mean dick if they have the wrong business model.
The right business model sure is important! Size, maturity of the organization, and experience does matter, though, and in fact a company the size of Fox, Google, or Disney can choose the wrong business model several times and survive. Fox has three different movie studios, TV studios, production companies, Fox Music, 30% of Hulu, Fox Digital Entertainment, etc. They could have totally the wrong business model for any of those for several years and it wouldn't hurt the parent company *that* badly. Heck even if they ceased all operations in all of their businesses, just syndication of their existing shows would bring more profit than Netflix makes.
> a) Netflix is worth $92 billion. Double of the Fox company Disney is buying.
Fox has ten times the revenue and FORTY FIVE times the profit of Netflix. Netflix has hype that has generated speculative stock buys, and by every measure of fundamentals is *worth* a tiny fraction of that.
> c) Disney's revenue is declining. Properties like ABC, people aren't watch tv as much.
Disney's revenue has gone from $42B to $55B over the last five years. In the last ten years, every year has been a significant increase other than a dip in 2009, and 2017 was flat.
I'm thinking LinkedIn is wrong here, but a simple, clear-cut, and correct statement of public policy is more difficult than it first appears.
"accessing publicly available information" sounds pretty clear and simple, but the more I think about it, the murkier it becomes. Suppose in each of the following scenarios the data is by the owner's terms not to be accessed by bots and:
A) The system pops up a user/ password dialog before allowing access. User "admin" and an empty password works
B) The system pops up a user/ password dialog before allowing access. User "admin" and password "password" works
C) The system pops up a user/ password dialog before allowing access. User "admin" and password "correct horse battery staple" works
D) The system pops up a user/ password dialog before allowing access. Sending 17,000 requests each with a password that consists of a million null bytes followed by carefully crafted machine code to overwrite memory sometimes works
The thing is, ANY data that has been hacked over the internet was accessible to the public, if they public tried hard enough, and was clever enough in defeating access control measures. That makes it difficult to legistlate a bright-line rule.
Correct, that doesn't matter because the internet uses hot-potato routing. If E-BGP used cold potato, companies might take that into consideration. As it is, peering is always based on the bandwidth in each direction - whether some packet is in response to some other packet isn't considered.
> Netflix was not in any peering agreement with Comcast. Netflix's internet provider was.
Putting a "Cogent" sticker on the Netflix-to-Comcast router doesn't change anything. Netflix and Cogent wanted to dump a shitload of hot potato traffic onto the Comcast network, far beyond what Comcast was sending to Cogent. That's no longer balanced, so they aren't peers. Peering no longer applies.
> If Comcast was not happy with the data flow they should have negotiated the peering agreement with their peer.
They did. Cogent relayed the terms to Netflix. Netflix took the position that they would not pay for their connections, directly or indirectly.
> Instead, they extorted money from Netflix, who remember, is only a customer of the the company
Actually *Netflix* contacted *Comcast* requesting direct connections. Comcast happens to be in the business of selling network connections, so that made sense. Comcast's 100Mps down, 50 Mbps up plan isn't quite enough for Netflix, of course. Netflix needed thousands of gigabit up. And they wanted it for free. Nope, said Comcast, and Netflix signed up for a paid connection just like everyone else.
Call up Comcast or ANY ISP and ask for a connection to run your web server, and say you want the free account. See how that works. Nobody ever thought ISPs should provide free service until Netflix's astroturfing campaign. Every web site pays for hosting. Netflix wanted to be a special snowflake.
Settlement-free peering (neither side pays) is used where there are roughly balanced flows on either side. When one side sends 100Mbps and the other side suddenly wants to send 10 Gbps, that's no longer a balanced flows and not covered under standard peering arrangements.
Netflix wanted connections upgraded because they wanted to send a lot more traffic than Comcast sent. That's not peering anymore.
Netflix could have been smart like Cloudflare and offered a service which would have them receiving a lot of traffic or partnered with a company who does. Cloudflare's DOS protection services cost them nothing in and bandwidth and actually reduce their total bandwidth costs because the traffic incoming to their security services balances the traffic outgoing from their CDN. That makes them eligible for peering with many ISPs.
Netflix could have done something similar, and still could today, but apparently they've decided manipulating public opinion is easier than adding a new service, or partnering with a company such as Backblaze which offers a service that accepts a lot of data.
Netflix did indeed do a great job of establishing group think in many forums. And yes, Netflix made this an issue when they didn't want to pay their hosting bill. That's how NN regulation started. They wanted direct connections from all the major ISPs without paying for hosting like every other site in the world does.
The other main counter-balancing is simple. Net neutrality rules were in effect for a year and half. Did things get massively better during that time? Did the world crumble from 1990-2015 when there wasn't any NN regulation?
There are plenty of "mandate by law secure systems" already. Doesn't do much good because laws don't create competence. "Requiring" that agencies be secure doesn't even make people *want* to do a good a job - an apathetic sysasdmin indeed becomes MORE apathetic with each new regulation.
I've been required to follow federal security standards before, at a government job. The federal standards required we use MD5. We wanted to use SHA256, because it's FAR more secure. MD5 has been broken for several years. But regulations are regulations. Gotta follow the regulations, although it means any script kiddie can access your account.
Another poster pointed out DoD has been hacked over and over again. One reason is that DoD suckerity standards *require* you to do really stupid things. Even government standards such as NIST which are optional and therefore more quickly updated say you must NOT do some of the things DoD requires, because following the government mandates forces security weaknesses.
The fact is, Amazon has hundreds of security professionals working for them and they've put thousands of man-hours into the security of RDS. I'd challenge anyone to find even one federal government database server anywhere that is as secure as RDS with the default security group. There is no perfect security, but the "security" mandates the feds operate under result in some of the least secure systems around.
That said, if an underpaid, unqualified, apathetic diversity hire at a government agency fires up a *Windows* server on AWS and install their own outdated copy of SQL Server, then actively sets the security group to allow connections from everywhere, they aren't going to benefit much from all the security efforts that have been applied to RDS. They certainly can screw up with an AWS server just like they can screw up with a physical server. They'll screw up a lot less if they let Amazon handle the servers and they use services like RDS, Glacier, and Lamda.
>what companies like Cox, Charter, and Comcast do.
This is what Cox, Charter, and Comcast.do: --
already targeted a few areas it thinks it can fix: it doesn't like the years-long contracts, bloated bundles, outdated tech and poor customer service that are staples of TV service in the U.S. -- Of the eight companies with worst customer service ratings in America, two are major cable companies.
Their *goal* is to provide cable-like TV without becoming a "cable company" like Comcast and Time Warner, companies consumers loathe.
Their "uncarrier" initiative with mobile phones included things like getting rid of the half-dozen extra fees that typical carriers add to your monthly bill. Ever noticed "terms subject to change without notice"? T-Mobile is doing away with that. They are trying to be a different kind of company providing these services. I hope they succeed.
Today I'm re-writing a TLS (ssl) client to use the same hacky workarounds other clients have to use because F5 tries to read the ClientHello request into 256 byte buffer. The full packet is 684 bytes, and standards compliant. Since F5 standards compliant, we have to try three time to initiate a TLS connection, with three ClientHello requests, each under 256 bytes.
Have you watched a meteor shower? The meteors absolutely appear to radiate outward from a central point, going in all different directions. Anyone watching would say some of the meteors in a given shower go east, some go west, some go south, etc. Unless you're watching from the moon. Watching from far away from the Earth, you see they are actually all coming from the same direction.
I suspect that's what you saw - either a meteor or space junk re-entering was coming toward you. Toward you and very slightly to your left. You could only the leftward motion. As it broke up, a piece continued toward you, but very slightly to the right. You can only see the rightward component, not the "toward you" component of the motion. From everything your eyes can see, it was going left, then it turned and went right
Your eyes have no way of knowing that while it was going left at 100 MPH, it was also going toward you at 4,000 MPH.
That's funny. For a split second I thought about which of the two terms I should use. After about 200ms, when I couldn't remember the other term (fire fly), I went with lighting bug.:)
I saw a fascinating UFO once, and several friends witnessed it as well. What we saw was an instance of "Often the apparent spacecraft does something improbable like standing completely still in the sky and then shooting off to somewhere at an incredible speed." Being an ultralight and RC pilot, I'm well aware that "standing still" can be when the object is moving toward or away from you, but I couldn't explain the maneuvers this thing was doing. It was night, a light in the sky moving in ways that planes don't. The four or five people watching it were confused and a little bit amazed.
Then it flew in front of a tree and we all recognized the lightning bug for what it was.
The whole incident demonstrated several scientific principles. A point of light against the dark sky could be 10 miles away and moving at 1,000 MPH or 300 feet away and moving at 1MPH - your eyes cannot tell the difference. (I don't feel like doing the math to convert arc seconds to MPH, but you get the point). Stereopsis isn't very effective after a hundred feet or so and and stops working at all at a distance of several hundred feet. We thought it was large object, far away moving fast. It was actually a small object, close, moving much slower, and the two are indistinguishable against a dark sky. Only when it flew in front of a tree did we have any way to estimate its true distance and size.
If this kind of thing interests a person, watch large planes fly around an airport before landing at night. They'll appear to come to a dead stop in midair as they turn to fly toward you. They my also seem to shoot almost straight up, though they are actually losing altitude, because they are coming toward you, to fly over your head. Overhead *seems* higher than being near the horizon, but the apparent altitude is unrelated to the actual altitude.
Don't be like Equifax. Don't hire a music major to be your CSO. Hire a cyber security major with 20 years of relevant experience. Someone whose knowledge is evident from years of posts about security you can see on your favorite tech site.
Btw, I'm a cyber security major with 20 years of security experience.
If Bitcoin went up over the last few hours, the sticker price would need to go down. If BTC went down, the price would need to go up. So no way to know what the price should be a few hours from now. Hence it's a really bad medium of exchange.
If you ignore the wild fluctuations and pretend BTC only goes up, prices would go down every day - prices will always be lower tomorrow. Therefore you should always wait until tomorrow to buy something with BTC. Spending it is always foolish, if you pretend it will only go up, at a significant rate.
You can't possibly mean "medium of exchange" in the normal sense of that term, can you? This is what "medium of exchange" normally means:
Someone wants a car and has firewood. With BARTER they'd have to find someone willing to trade a car for firewood. That would suck. Instead they look at Craigslist and find the kind of car they want sells for $8,000 They make arrangements to sell $8,000 worth of firewood. After the people come pick up the firewood and payments clear, they contact Craigslist sellers and buy a car for $8,000. The dollars are a medium of exchange because the person selling the car isn't the person receiving the firewood Dollars, as a medium of exchange, allow value delivered to one person (firewood buyers) to later be valued the same by another person (the car seller).
Here's how the exchange would "work" with Bitcoins instead of dollars:
Someone wants a car and has firewood. They look at Craigslist and find the kind of car they want sells for 2 BTC. Actually 1.8BTC now. No, wait, 2.2 BTC. They make arrangements to sell 2.2BTC worth of firewood. After the people pick up the firewood and the payments clear, they contact Craigslist sellers, who now want 3BTC for a car.
It doesn't allow the value of firewood to later be used to buy a car, because there's no telling how much 2BTC might be worth two or three days from now.
What kinda works as this: Now selling this car for $8,000. Accepting payment by cash, certified check, Bitcoin, Visa, or MasterCard. Bitcoin can be used as a method of payment, a way of transmitting dollars from place to place, just like a check or a Visa card. The difference is. Visa transaction is confirmed in about 800 milliseconds, a Bitcoin transaction takes a day or so.
"Trump would _______ [whatever]" isn't helpful at this point; it only serves to get your blood pressure up.
If you just can't get enough of presidential politics, you could start looking at who might be good in 2020, because that's the next election. Or seek counseling because the whole thing is bull, and not good to focus on 24/7/365. Taking a break for a couple years might be good.
That's what I was thinking. EFF and others would support it. Tanenbaum doesn't seem to be interested, unfortunately. The copyright is actually held by the university. Possibly someone else at the university would be interested.
Andrew Tanenbaum replied to me / us 20 minutes after I sent him a link to your post. He figures Intel would be will to spend millions fighting a subpeona, so it's not worth it.:(
In general, anyone who was harmed by an unlawful act can sue. The plaintiff would show that: 1) The defendant did an unlawful act (including torts such as negligence) And 2) That unlawful act caused harm to the plaintiff
In Megabyte vs Nvidia, the copyright infringement may have constituted unfair competition or unfair trade practices under state law. The court ruled that *if certain specific conditions are met*, the federal Copyright Act preempts state common law and the plaintiffs did not prevail.
So while *in general* anyone harmed by unlawful conduct has standing to sue, the Copyright Act specifically limits that, under certain conditions. There's not a clear, bright-line answer to these general types of cases.
Separately, *criminal* copyright infringement can be charged by a federal prosecutor. Criminal infringement is defined as:
infringes a copyright willfully and for purposes of commercial advantage or private financial gain...valued at over $2,500
Millions of copies of Minix is more than $2,500 of value, so if Intel was willfull in their infringement they are guilty of criminal copyright infringement.
Slashdot Mirror
That was my first thought. Then it occurred to me I don't recall hearing this ever happen before at an airport. Perhaps they have sufficient backup systems to handle any expected power outage, but those backup systems failed for whatever reason, or transitioning to them failed. I'm sure they've needed to switch to backup power before; we probably didn't hear about it because it switched over just fine in the past.
I've seen incidents where a web server had two independent backups that both failed. Good, redundant design can give you 99.999% uptime, but Murphys law is always awaits.
When people ask "what do you do?" I tell them what my project accomplishes, not the technical details of HOW I do it.
Here are the "what do you?" answers for my jobs over the years:
I help large porn sites become easier and more fun to use, so people can find the porn they like quickly, and not have annnoying technical problems like videos that take forever to load.
(I wrote software as a means of getting my job done).
I run a company where we do security for porn sites, to help keep porn sites from getting hacked.
I build new features for the university's online campus.
I build tools to find security problems in corporate networks and tell the company how to fix things to be more secure.
For all of these jobs a I used programming languages, research, an understanding of customer needs and budget. I used email, I used a desk. Programming languages and email were tools I used to do my job, but my job is something else, something that people can understand.
If the programming is just a tool, to build something such as ebay.com or Android Auto, why talk about the tool?
Q: What do you do?
A: I build new features for Facebook.
Q: What do you do?
A: I develop automatic safety systems for cars, such as collision avoidance.
Q: What do you do?
A: I create tools to find and fix security weaknesses in corporate networks.
All of those jobs include programming as a method to do the job, and all are understandable. The last answer is what I do, I build "hacking tools", tools to find security weaknesses. Yes I use various programming languages to do that. I also use RFCs, Wireshark, experience in the field, news sources, etc. The phone programming language is one of many tools that I use to do my job. My job is to build tools that find security holes.
Netflix may certainly grow. A LOT of people are Netflix subscribers now. I wouldn't be surprised if they eventually get 50% more subscribers. They need ten to a hundred times as many subscribers in order to justify their *current* stock valuation, and I don't see that happening.
> Which won't mean dick if they have the wrong business model.
The right business model sure is important! Size, maturity of the organization, and experience does matter, though, and in fact a company the size of Fox, Google, or Disney can choose the wrong business model several times and survive. Fox has three different movie studios, TV studios, production companies, Fox Music, 30% of Hulu, Fox Digital Entertainment, etc. They could have totally the wrong business model for any of those for several years and it wouldn't hurt the parent company *that* badly. Heck even if they ceased all operations in all of their businesses, just syndication of their existing shows would bring more profit than Netflix makes.
> a) Netflix is worth $92 billion. Double of the Fox company Disney is buying.
Fox has ten times the revenue and FORTY FIVE times the profit of Netflix. Netflix has hype that has generated speculative stock buys, and by every measure of fundamentals is *worth* a tiny fraction of that.
> c) Disney's revenue is declining. Properties like ABC, people aren't watch tv as much.
Disney's revenue has gone from $42B to $55B over the last five years. In the last ten years, every year has been a significant increase other than a dip in 2009, and 2017 was flat.
I'm thinking LinkedIn is wrong here, but a simple, clear-cut, and correct statement of public policy is more difficult than it first appears.
"accessing publicly available information" sounds pretty clear and simple, but the more I think about it, the murkier it becomes. Suppose in each of the following scenarios the data is by the owner's terms not to be accessed by bots and:
A) The system pops up a user/ password dialog before allowing access. User "admin" and an empty password works
B) The system pops up a user/ password dialog before allowing access. User "admin" and password "password" works
C) The system pops up a user/ password dialog before allowing access. User "admin" and password "correct horse battery staple" works
D) The system pops up a user/ password dialog before allowing access. Sending 17,000 requests each with a password that consists of a million null bytes followed by carefully crafted machine code to overwrite memory sometimes works
The thing is, ANY data that has been hacked over the internet was accessible to the public, if they public tried hard enough, and was clever enough in defeating access control measures. That makes it difficult to legistlate a bright-line rule.
Correct, that doesn't matter because the internet uses hot-potato routing. If E-BGP used cold potato, companies might take that into consideration. As it is, peering is always based on the bandwidth in each direction - whether some packet is in response to some other packet isn't considered.
> Netflix was not in any peering agreement with Comcast. Netflix's internet provider was.
Putting a "Cogent" sticker on the Netflix-to-Comcast router doesn't change anything. Netflix and Cogent wanted to dump a shitload of hot potato traffic onto the Comcast network, far beyond what Comcast was sending to Cogent. That's no longer balanced, so they aren't peers. Peering no longer applies.
> If Comcast was not happy with the data flow they should have negotiated the peering agreement with their peer.
They did. Cogent relayed the terms to Netflix. Netflix took the position that they would not pay for their connections, directly or indirectly.
> Instead, they extorted money from Netflix, who remember, is only a customer of the the company
Actually *Netflix* contacted *Comcast* requesting direct connections. Comcast happens to be in the business of selling network connections, so that made sense. Comcast's 100Mps down, 50 Mbps up plan isn't quite enough for Netflix, of course. Netflix needed thousands of gigabit up. And they wanted it for free. Nope, said Comcast, and Netflix signed up for a paid connection just like everyone else.
Call up Comcast or ANY ISP and ask for a connection to run your web server, and say you want the free account. See how that works. Nobody ever thought ISPs should provide free service until Netflix's astroturfing campaign. Every web site pays for hosting. Netflix wanted to be a special snowflake.
Settlement-free peering (neither side pays) is used where there are roughly balanced flows on either side. When one side sends 100Mbps and the other side suddenly wants to send 10 Gbps, that's no longer a balanced flows and not covered under standard peering arrangements.
Netflix wanted connections upgraded because they wanted to send a lot more traffic than Comcast sent. That's not peering anymore.
Netflix could have been smart like Cloudflare and offered a service which would have them receiving a lot of traffic or partnered with a company who does. Cloudflare's DOS protection services cost them nothing in and bandwidth and actually reduce their total bandwidth costs because the traffic incoming to their security services balances the traffic outgoing from their CDN. That makes them eligible for peering with many ISPs.
Netflix could have done something similar, and still could today, but apparently they've decided manipulating public opinion is easier than adding a new service, or partnering with a company such as Backblaze which offers a service that accepts a lot of data.
Thanks for posting a different perspective.
Netflix did indeed do a great job of establishing group think in many forums. And yes, Netflix made this an issue when they didn't want to pay their hosting bill. That's how NN regulation started. They wanted direct connections from all the major ISPs without paying for hosting like every other site in the world does.
The other main counter-balancing is simple. Net neutrality rules were in effect for a year and half. Did things get massively better during that time? Did the world crumble from 1990-2015 when there wasn't any NN regulation?
There are plenty of "mandate by law secure systems" already. Doesn't do much good because laws don't create competence. "Requiring" that agencies be secure doesn't even make people *want* to do a good a job - an apathetic sysasdmin indeed becomes MORE apathetic with each new regulation.
I've been required to follow federal security standards before, at a government job. The federal standards required we use MD5. We wanted to use SHA256, because it's FAR more secure. MD5 has been broken for several years. But regulations are regulations. Gotta follow the regulations, although it means any script kiddie can access your account.
Another poster pointed out DoD has been hacked over and over again. One reason is that DoD suckerity standards *require* you to do really stupid things. Even government standards such as NIST which are optional and therefore more quickly updated say you must NOT do some of the things DoD requires, because following the government mandates forces security weaknesses.
The fact is, Amazon has hundreds of security professionals working for them and they've put thousands of man-hours into the security of RDS. I'd challenge anyone to find even one federal government database server anywhere that is as secure as RDS with the default security group. There is no perfect security, but the "security" mandates the feds operate under result in some of the least secure systems around.
That said, if an underpaid, unqualified, apathetic diversity hire at a government agency fires up a *Windows* server on AWS and install their own outdated copy of SQL Server, then actively sets the security group to allow connections from everywhere, they aren't going to benefit much from all the security efforts that have been applied to RDS. They certainly can screw up with an AWS server just like they can screw up with a physical server. They'll screw up a lot less if they let Amazon handle the servers and they use services like RDS, Glacier, and Lamda.
>what companies like Cox, Charter, and Comcast do.
This is what Cox, Charter, and Comcast.do:
--
already targeted a few areas it thinks it can fix: it doesn't like the years-long contracts, bloated bundles, outdated tech and poor customer service that are staples of TV service in the U.S.
--
Of the eight companies with worst customer service ratings in America, two are major cable companies.
Their *goal* is to provide cable-like TV without becoming a "cable company" like Comcast and Time Warner, companies consumers loathe.
Their "uncarrier" initiative with mobile phones included things like getting rid of the half-dozen extra fees that typical carriers add to your monthly bill. Ever noticed "terms subject to change without notice"? T-Mobile is doing away with that. They are trying to be a different kind of company providing these services. I hope they succeed.
Today I'm re-writing a TLS (ssl) client to use the same hacky workarounds other clients have to use because F5 tries to read the ClientHello request into 256 byte buffer. The full packet is 684 bytes, and standards compliant. Since F5 standards compliant, we have to try three time to initiate a TLS connection, with three ClientHello requests, each under 256 bytes.
Have you watched a meteor shower? The meteors absolutely appear to radiate outward from a central point, going in all different directions. Anyone watching would say some of the meteors in a given shower go east, some go west, some go south, etc. Unless you're watching from the moon. Watching from far away from the Earth, you see they are actually all coming from the same direction.
I suspect that's what you saw - either a meteor or space junk re-entering was coming toward you. Toward you and very slightly to your left. You could only the leftward motion. As it broke up, a piece continued toward you, but very slightly to the right. You can only see the rightward component, not the "toward you" component of the motion. From everything your eyes can see, it was going left, then it turned and went right
Your eyes have no way of knowing that while it was going left at 100 MPH, it was also going toward you at 4,000 MPH.
That's funny. For a split second I thought about which of the two terms I should use. After about 200ms, when I couldn't remember the other term (fire fly), I went with lighting bug. :)
I saw a fascinating UFO once, and several friends witnessed it as well. What we saw was an instance of "Often the apparent spacecraft does something improbable like standing completely still in the sky and then shooting off to somewhere at an incredible speed." Being an ultralight and RC pilot, I'm well aware that "standing still" can be when the object is moving toward or away from you, but I couldn't explain the maneuvers this thing was doing. It was night, a light in the sky moving in ways that planes don't. The four or five people watching it were confused and a little bit amazed.
Then it flew in front of a tree and we all recognized the lightning bug for what it was.
The whole incident demonstrated several scientific principles. A point of light against the dark sky could be 10 miles away and moving at 1,000 MPH or 300 feet away and moving at 1MPH - your eyes cannot tell the difference. (I don't feel like doing the math to convert arc seconds to MPH, but you get the point). Stereopsis isn't very effective after a hundred feet or so and and stops working at all at a distance of several hundred feet. We thought it was large object, far away moving fast. It was actually a small object, close, moving much slower, and the two are indistinguishable against a dark sky. Only when it flew in front of a tree did we have any way to estimate its true distance and size.
If this kind of thing interests a person, watch large planes fly around an airport before landing at night. They'll appear to come to a dead stop in midair as they turn to fly toward you. They my also seem to shoot almost straight up, though they are actually losing altitude, because they are coming toward you, to fly over your head. Overhead *seems* higher than being near the horizon, but the apparent altitude is unrelated to the actual altitude.
Don't be like Equifax. Don't hire a music major to be your CSO. Hire a cyber security major with 20 years of relevant experience. Someone whose knowledge is evident from years of posts about security you can see on your favorite tech site.
Btw, I'm a cyber security major with 20 years of security experience.
If Bitcoin went up over the last few hours, the sticker price would need to go down. If BTC went down, the price would need to go up. So no way to know what the price should be a few hours from now. Hence it's a really bad medium of exchange.
If you ignore the wild fluctuations and pretend BTC only goes up, prices would go down every day - prices will always be lower tomorrow. Therefore you should always wait until tomorrow to buy something with BTC. Spending it is always foolish, if you pretend it will only go up, at a significant rate.
You can't possibly mean "medium of exchange" in the normal sense of that term, can you? This is what "medium of exchange" normally means:
Someone wants a car and has firewood.
With BARTER they'd have to find someone willing to trade a car for firewood. That would suck.
Instead they look at Craigslist and find the kind of car they want sells for $8,000
They make arrangements to sell $8,000 worth of firewood.
After the people come pick up the firewood and payments clear, they contact Craigslist sellers and buy a car for $8,000.
The dollars are a medium of exchange because the person selling the car isn't the person receiving the firewood Dollars, as a medium of exchange, allow value delivered to one person (firewood buyers) to later be valued the same by another person (the car seller).
Here's how the exchange would "work" with Bitcoins instead of dollars:
Someone wants a car and has firewood.
They look at Craigslist and find the kind of car they want sells for 2 BTC.
Actually 1.8BTC now.
No, wait, 2.2 BTC.
They make arrangements to sell 2.2BTC worth of firewood.
After the people pick up the firewood and the payments clear, they contact Craigslist sellers, who now want 3BTC for a car.
It doesn't allow the value of firewood to later be used to buy a car, because there's no telling how much 2BTC might be worth two or three days from now.
What kinda works as this:
Now selling this car for $8,000. Accepting payment by cash, certified check, Bitcoin, Visa, or MasterCard. Bitcoin can be used as a method of payment, a way of transmitting dollars from place to place, just like a check or a Visa card. The difference is. Visa transaction is confirmed in about 800 milliseconds, a Bitcoin transaction takes a day or so.
In case you missed it, the election was over a year ago. Slashdot even had stories about it.
https://politics.slashdot.org/...
https://politics.slashdot.org/...
"Trump would _______ [whatever]" isn't helpful at this point; it only serves to get your blood pressure up.
If you just can't get enough of presidential politics, you could start looking at who might be good in 2020, because that's the next election. Or seek counseling because the whole thing is bull, and not good to focus on 24/7/365. Taking a break for a couple years might be good.
That's what I was thinking. EFF and others would support it. Tanenbaum doesn't seem to be interested, unfortunately. The copyright is actually held by the university. Possibly someone else at the university would be interested.
There is a range, but basically $750 per copy, up to $150,000 per work. So Intel owes Tanenbaum $150,000, or whatever damages he can prove.
Andrew Tanenbaum replied to me / us 20 minutes after I sent him a link to your post. He figures Intel would be will to spend millions fighting a subpeona, so it's not worth it. :(
In general, anyone who was harmed by an unlawful act can sue. The plaintiff would show that:
1) The defendant did an unlawful act (including torts such as negligence)
And
2) That unlawful act caused harm to the plaintiff
In Megabyte vs Nvidia, the copyright infringement may have constituted unfair competition or unfair trade practices under state law. The court ruled that *if certain specific conditions are met*, the federal Copyright Act preempts state common law and the plaintiffs did not prevail.
So while *in general* anyone harmed by unlawful conduct has standing to sue, the Copyright Act specifically limits that, under certain conditions. There's not a clear, bright-line answer to these general types of cases.
Separately, *criminal* copyright infringement can be charged by a federal prosecutor. Criminal infringement is defined as:
infringes a copyright willfully and for purposes of commercial advantage or private financial gain ...valued at over $2,500
Millions of copies of Minix is more than $2,500 of value, so if Intel was willfull in their infringement they are guilty of criminal copyright infringement.
You may be right. Tanenbaum or others at the University may be able to subpeona the code. I'm sending him a link to your post.