See, for so many people, unless a popup comes up, says you need an updated driver, and guides them through the process... this is exactly what won't happen. They don't know a damned thing about this.
Are you so utterly out of touch with non-technical people to not grasp that these people aren't going gee, I need to update my driver so I should hop on over to the manufacturer website and find it? They're going "ZOMG, kittens!" They don't even know (or care) what a driver is.
Honestly, do you now know any non-technical people? Because the first bunch of steps in this process simply don't happen.
Who on Earth savvy enough to update drivers uses a black box utility to download and install low level pieces of software (that require admin privs to install) like this?
So, how many people have computers? How many of them are savvy enough to update drivers beyond what the computer tells them to do? How many laptops etc come with those "helpful" OEM turds designed to do this for you?
Computers are magical, spooky things beyond the comprehension of mere mortals.. they don't want to know such things. My in-laws sure don't. They just want to sync the camera and print some stuff.
Admin privs? Really? Do you know how many people disable UAC and run as a user with admin perms?
Why are you surprised people want this?
What's appalling is just how lazy and incompetent almost every company is about security. These are marketing features, slapped together and pushed out the door. Nobody gives a crap about security, because they have no consequences for not giving a crap about security.
Sure, but you'd think they'd at least be willing to listen to WHY they've pissed people off so badly to the point more people are using this stuff.
I mean, you can choose to not be aware of the fact that you serve malware and compromise people's computers like some self entitled ass... or you can try to figure out WTF you're doing wrong.
In this case, it sounds like a bunch of clueless idiots not being willing to understand why people are now actively taking steps to block them.
AdBlock isn't "the enemy".
Terrible ad practices and non-existent accountability for delivering malware is. Bad management of our personally identifying data is. Not understanding we no longer wish to be tracked by 20 entities on every web site we visit is.
The IAB feels entitled to this stuff. Which means the rest of us will, without any remorse, actively deny it to them.
I don't owe brightcove or scorecard research a damned thing, and I never will. The sooner they stop acting like spoiled children the more they might understand the mess they're in.
Well, the reality is it's a short term way to sound like you know something you don't, with no real long term consequences. In 10 years think anybody is going to lose sleep over how wrong he was? Or even remember?
I long ago decided that when I hear pundits, prognosticators, and futurists telling me what the future will hold that they're mostly full of shit.
They generally fall into the category of people who have something to gain by that particular prediction coming true... or people making predictions because they get paid to but who otherwise don't know any better than you or I.
The guy who tells you what the future is because he'll profit from it can be ignored, because he's got too much on the line to be credible. The guy who tells you what the future will be because he's paid to, well he can be ignored because he's too full of shit to be credible.
Ignore the shills, because they stand to profit from what they tell you -- think Gartner reports about any technology, or bond ratings agencies, or stock brokers pushing something specific. They're all getting paid to push a product. Their opinion is for sale.
And then ignore the yahoos telling you the future because they need to fill a column or otherwise convince people they know something.
I don't think there's much risk of a "humbling dose" of anything here. More like yet another prediction by yet another tech guy which carries all the weight of a fart in a hurricane.
I just don't listen to such things any more. I sure as hell don't believe them. And I most especially try not to validate them by pretending they're credible.
The result of this is that the only software able to survive was FOSS. It couldn't be bought by MS, it couldn't have its distribution channel killed.
No, but it could be vaguely threatened as being in violation of a bunch of patents Microsoft refused to name, thereby insinuating that it might not be safe to use.
There were a bunch of years they did that.
Oh, and there's that whole secure boot/UEFI thingy in which they can try to deny you access to the hardware.
No, because in part patent consolidation means the boogeymen in the garage have no hope in hell.
Come up with new and disruptive technologies? We'll buy you out as soon as you're on the radar.
Won't sell because you have visions of being the next big thing? We'll ensure our lawyers make it so you'll never see the light of day.
The tech industry has fundamentally changed. There IS no way a startup could do something which isn't covered under patents and other agreements between the big companies who have all mutually agreed to licensing deals.
Time was people started companies because they had a cool idea for a product, and wanted to start companies.
These days it's give the illusion of a cool product long enough to cash out and run like hell.
It's stable because it's becoming increasingly impossible to get into the game.
When they outlaw freedom, only criminals will have freedom.
That America is beginning to forget the historical reasons why anonymous speech is a protected class of speech is scary. That America has pretty much decided all other freedoms are options is utterly terrifying.
All of these new school fascists who think the only way to protect liberty is to take away liberty, and the only way to defend your rights is to curtail them... these asses need to be hung for treason.
That oath you took to defend and uphold the Constitution from enemies foreign and domestic? That means defending the rights enumerated in it.
The problem is the people who claim to be defending it are wiping their asses with it.
If you try hard enough, you can likely find a super tenuous connection to an act of terrorism to almost anybody.
Somewhere there's a bizarre chain of crap which says "Rik Sweeney went to school with a guy who went to the same mosque as a guy who washed the floors where a guy was in the same English class with the guys who delivered pizza to guys who did the Boston Marathon shootings". Ta da, you're linked to terrorism.
If you go chasing shadows you can make up any old crap. It doesn't make it evidence of a damned thing.
The problem is both the press and the idiots who claim they're trying to protect our freedoms treat these tenuous links as if they are meaningful.
I'm looking for suggestions on introductory software engineering projects for a high school level student. Assume the student can do basic math (up through Algebra I or Statistics I) but is new to logic and computer science.
First off, stop calling this software engineering, because it isn't. No more than a potato gun is rocket science.
This is an into computer programming assignment, but it sure as hell isn't engineering, and it sure isn't "software engineering".
Engineering is a discipline, and involves far more complexity than what you're describing. In many places it's also a licensed profession like "doctor" where you can't just slap engineer on your title.
Don't do yourself or your students the disservice of going around saying "yarg, I'm teaching teh software engineering". There's enough self-aggrandizing titles in the industry as it is without pretending a high school "learn to code" project is anything resembling "engineering".
Because everything connected to the internet these days.
Even if your "remote" access is across the building, it's the protocol which is used, because it's already implemented.
Advantech advertises such products as a simple way to bring remote management and data accessibility to thousands of industrial devices that cannot natively connect to TCP/IP networks.
The bigger question is why do keep accepting that apparently complete morons are in charge of building these devices?
Hard-coded SSH keys is pathetic. Allowing any password whatsoever to open the device?? That's some epic fail right there.
If you are writing a security system (and I'll use that term loosely), if you can't be arsed to test what happens if you put in a wrong password... you have no damned business writing a security system.
First two tests: good password, bad password. If you didn't test bad password, you're fired.
This can really only come down to sheer incompetence, or outright fraud. Either you're too clueless to be in the game, or you know damned well you've done a piss-poor job but tried to hide it.
I keep saying, until corporations carry penalties and legal liability for being incompetent/lazy/indifferent about security, not a damned thing will change.
Anybody who bought one of these things needs to be demanding their damned money back.
I have one because of my ISP. I know people who have had their Yahoo address so long they keep it out of sheer inertia.
To me this comes down to the fundamental problem: why the hell do we keep trusting websites to run arbitrary scripts? And why the hell do we trust 3rd party scripts in web pages?
So some greedy bastard can give you an ad?
The average Yahoo user likely doesn't use script blockers, and isn't going to start out blocking them only to whitelist what they want.
I can barely convince my wife to keep using the script blocker I've put into her Chrome to block all this shit.
At this point, the entire web has been written on the moronic assumption that people should just let everything run, which leads to stuff like this.
What we need to do is look at this stuff, and remove the default trust... and what the ad and analytics companies want be damned. They're as much part of the problem as anything, and as often as not they end up serving up the malware in the first place.
Yes, Yahoo has some stuff they need to fix... but I don't see this as being any more vulnerable than what your average web page expects you to do.
I understand that the modern lie of continued profit growth for companies is impossible, I understand that it's bullshit to say maximizing shareholder value drives the economy instead of just leeching off it, I understand that cutting taxes for the rich will never ever do anything for anybody but the rich, I understand that letting corporations play shell games to avoid taxes doesn't help anybody but them.
Modern economics is a whole series of bullshit lies which mostly ensure the 1% owns more and more while leaving the rest of us to beg for scraps.
Having the world dictated based on what is good for sociopath corporations is only of benefit to those sociopath corporations, and the rich investors who make the money. And it doesn't do a damned bit of good for the rest of us.
Offshoring is just corporations changing part of an economy into "shareholder value" at the expense of the nation who lost the jobs... it's nations subsidizing shareholder profits, but it sure as fuck doesn't benefit the nation.
Modern economics is such a web of lies and bullshit as to defy any form of credibility. It's just theft on a global scale.
The beavers collect the birch trees... the moose mill them into components... the geese assemble them... the seagulls are in charge of packaging... and the seals handle marketing... and Temporary Foreign Workers write the code.
Why should we continue to embrace the idea that amoral companies can do anything they choose in the name of profits?
Why should we continue to give a damn what companies think is best for them?
Why the fuck have we mistaken "shareholder value" for "the economy"?
Big fucking deal, the 1% make a better ROI on Apple et al because we let them act like sociopaths, if it's only the corporations and major stock holders who benefit?
Fuck that, all these companies gutting the economy for their own profits doesn't help all but the richest people. And it's time we stopped giving a fuck about what benefits the richest people.
Sure, but taken far enough this solution would mean the attackers would need to write a whole new thing.
Once you have this, you check something new, identify it as a match of the thing, and add it.
The attackers can always be more nimble, but if a solution which can adapt and say "oh, that's just a variation of this, I'll block it" then you can at least ratchet up the arms race.
Well, it's really interesting... from the limited stuff in the article, it's essentially calculus (I think).
Sure, you can do a lot of permutations, but you can only do so many of them which are fundamentally different. Because they still share some underlying similarity with the original.
As I understood it, imagine a wavy line through space. Variations of the same thing will follow that wavy line +- some space around that line for the permutations. Close up the permutations look really different, but as you pull back, the space around the wavy line collapses into just a thicker line.
I you came from the same original source, you can only be so much different from that. And very different origins will create different wavy lines through space.
So, even a unique permutation could be detected as "well, ultimately it's just one of these, otherwise it wouldn't match so closely".
Of course, calculus was a long time ago, and this isn't my field so I might have missed the mark... but it seems like your unique permutation could fall into a category which is more readily recognized as being in a known category.
If you're within a certain margin of that wavy line through space, you're just a permutation.
Yup, use of their tools, access to student data, and control over outcomes and usage.
And once again Microsoft injects itself into education and defines how it should be done.
And we will NEVER see actual evidence learning Minecraft resulted in better educational outcomes of long-term employment.
This is just more vendor lock-in of schools for what Microsoft has deemed a growth market, and which is being manipulated for their self-serving purposes.
Slashdot Mirror
See, for so many people, unless a popup comes up, says you need an updated driver, and guides them through the process ... this is exactly what won't happen. They don't know a damned thing about this.
Are you so utterly out of touch with non-technical people to not grasp that these people aren't going gee, I need to update my driver so I should hop on over to the manufacturer website and find it? They're going "ZOMG, kittens!" They don't even know (or care) what a driver is.
Honestly, do you now know any non-technical people? Because the first bunch of steps in this process simply don't happen.
So, how many people have computers? How many of them are savvy enough to update drivers beyond what the computer tells them to do? How many laptops etc come with those "helpful" OEM turds designed to do this for you?
Computers are magical, spooky things beyond the comprehension of mere mortals .. they don't want to know such things. My in-laws sure don't. They just want to sync the camera and print some stuff.
Admin privs? Really? Do you know how many people disable UAC and run as a user with admin perms?
Why are you surprised people want this?
What's appalling is just how lazy and incompetent almost every company is about security. These are marketing features, slapped together and pushed out the door. Nobody gives a crap about security, because they have no consequences for not giving a crap about security.
Sure, but you'd think they'd at least be willing to listen to WHY they've pissed people off so badly to the point more people are using this stuff.
I mean, you can choose to not be aware of the fact that you serve malware and compromise people's computers like some self entitled ass ... or you can try to figure out WTF you're doing wrong.
In this case, it sounds like a bunch of clueless idiots not being willing to understand why people are now actively taking steps to block them.
AdBlock isn't "the enemy".
Terrible ad practices and non-existent accountability for delivering malware is. Bad management of our personally identifying data is. Not understanding we no longer wish to be tracked by 20 entities on every web site we visit is.
The IAB feels entitled to this stuff. Which means the rest of us will, without any remorse, actively deny it to them.
I don't owe brightcove or scorecard research a damned thing, and I never will. The sooner they stop acting like spoiled children the more they might understand the mess they're in.
Well, the reality is it's a short term way to sound like you know something you don't, with no real long term consequences. In 10 years think anybody is going to lose sleep over how wrong he was? Or even remember?
I long ago decided that when I hear pundits, prognosticators, and futurists telling me what the future will hold that they're mostly full of shit.
They generally fall into the category of people who have something to gain by that particular prediction coming true ... or people making predictions because they get paid to but who otherwise don't know any better than you or I.
The guy who tells you what the future is because he'll profit from it can be ignored, because he's got too much on the line to be credible. The guy who tells you what the future will be because he's paid to, well he can be ignored because he's too full of shit to be credible.
Ignore the shills, because they stand to profit from what they tell you -- think Gartner reports about any technology, or bond ratings agencies, or stock brokers pushing something specific. They're all getting paid to push a product. Their opinion is for sale.
And then ignore the yahoos telling you the future because they need to fill a column or otherwise convince people they know something.
I don't think there's much risk of a "humbling dose" of anything here. More like yet another prediction by yet another tech guy which carries all the weight of a fart in a hurricane.
I just don't listen to such things any more. I sure as hell don't believe them. And I most especially try not to validate them by pretending they're credible.
For some odd reason, that almost exactly describes a chihuahua. ;-)
A quivering little ball of acid reflux, hostility, and fear. Are they supposed to shake like that?
No, but it could be vaguely threatened as being in violation of a bunch of patents Microsoft refused to name, thereby insinuating that it might not be safe to use.
There were a bunch of years they did that.
Oh, and there's that whole secure boot/UEFI thingy in which they can try to deny you access to the hardware.
No, they're too busy being lawyers or running corporations.
No, because in part patent consolidation means the boogeymen in the garage have no hope in hell.
Come up with new and disruptive technologies? We'll buy you out as soon as you're on the radar.
Won't sell because you have visions of being the next big thing? We'll ensure our lawyers make it so you'll never see the light of day.
The tech industry has fundamentally changed. There IS no way a startup could do something which isn't covered under patents and other agreements between the big companies who have all mutually agreed to licensing deals.
Time was people started companies because they had a cool idea for a product, and wanted to start companies.
These days it's give the illusion of a cool product long enough to cash out and run like hell.
It's stable because it's becoming increasingly impossible to get into the game.
If you don't think the US government would demand of it of the rest of the world to fight terrorism you're a fool.
America is pioneering the new global fascism, all while pretending to be promoting justice, liberty, and freedom.
Make no mistake, America has ceased to be about any of these things. Not for Americans, and sure as hell not for anybody else.
Hmm ... is this a corner case of Rule #34? Like gimp suits and collars for everybody?
The internet is a weird place.
When they outlaw freedom, only criminals will have freedom.
That America is beginning to forget the historical reasons why anonymous speech is a protected class of speech is scary. That America has pretty much decided all other freedoms are options is utterly terrifying.
All of these new school fascists who think the only way to protect liberty is to take away liberty, and the only way to defend your rights is to curtail them ... these asses need to be hung for treason.
That oath you took to defend and uphold the Constitution from enemies foreign and domestic? That means defending the rights enumerated in it.
The problem is the people who claim to be defending it are wiping their asses with it.
Well, yeah. It's like Six Degrees of Kevin Bacon.
If you try hard enough, you can likely find a super tenuous connection to an act of terrorism to almost anybody.
Somewhere there's a bizarre chain of crap which says "Rik Sweeney went to school with a guy who went to the same mosque as a guy who washed the floors where a guy was in the same English class with the guys who delivered pizza to guys who did the Boston Marathon shootings". Ta da, you're linked to terrorism.
If you go chasing shadows you can make up any old crap. It doesn't make it evidence of a damned thing.
The problem is both the press and the idiots who claim they're trying to protect our freedoms treat these tenuous links as if they are meaningful.
First off, stop calling this software engineering, because it isn't. No more than a potato gun is rocket science.
This is an into computer programming assignment, but it sure as hell isn't engineering, and it sure isn't "software engineering".
Engineering is a discipline, and involves far more complexity than what you're describing. In many places it's also a licensed profession like "doctor" where you can't just slap engineer on your title.
Don't do yourself or your students the disservice of going around saying "yarg, I'm teaching teh software engineering". There's enough self-aggrandizing titles in the industry as it is without pretending a high school "learn to code" project is anything resembling "engineering".
Because everything connected to the internet these days.
Even if your "remote" access is across the building, it's the protocol which is used, because it's already implemented.
The bigger question is why do keep accepting that apparently complete morons are in charge of building these devices?
Hard-coded SSH keys is pathetic. Allowing any password whatsoever to open the device?? That's some epic fail right there.
If you are writing a security system (and I'll use that term loosely), if you can't be arsed to test what happens if you put in a wrong password ... you have no damned business writing a security system.
First two tests: good password, bad password. If you didn't test bad password, you're fired.
This can really only come down to sheer incompetence, or outright fraud. Either you're too clueless to be in the game, or you know damned well you've done a piss-poor job but tried to hide it.
I keep saying, until corporations carry penalties and legal liability for being incompetent/lazy/indifferent about security, not a damned thing will change.
Anybody who bought one of these things needs to be demanding their damned money back.
Yup, you're a fucking moron.
If I had the resources to invest in them and change their policy, I'd be vastly wealthy.
Keep flapping your gums idiot, but don't pretend like the market isn't a stacked deck which only benefits a small number of people.
You might as well suggest chocolate pudding and unicorn farts would solve these problems. Because you'd be just as clueless and unaware of reality.
Save your bullshit for someone else.
Sorry, I wasn't clear in what I was citing:
At 150W, that's 26 cards. At your 250W, that's 16 cards.
4000W isn't that hard to reach ... put it into a case with all of the other things, and you're talking, what, 3-4 machines?
So, yeah, they're not 1000W cards, but if you're talking about combining a couple plus the rest of the overhead it's not that hard to get there.
I have one because of my ISP. I know people who have had their Yahoo address so long they keep it out of sheer inertia.
To me this comes down to the fundamental problem: why the hell do we keep trusting websites to run arbitrary scripts? And why the hell do we trust 3rd party scripts in web pages?
So some greedy bastard can give you an ad?
The average Yahoo user likely doesn't use script blockers, and isn't going to start out blocking them only to whitelist what they want.
I can barely convince my wife to keep using the script blocker I've put into her Chrome to block all this shit.
At this point, the entire web has been written on the moronic assumption that people should just let everything run, which leads to stuff like this.
What we need to do is look at this stuff, and remove the default trust ... and what the ad and analytics companies want be damned. They're as much part of the problem as anything, and as often as not they end up serving up the malware in the first place.
Yes, Yahoo has some stuff they need to fix ... but I don't see this as being any more vulnerable than what your average web page expects you to do.
Oh, I understand economics.
I understand that the modern lie of continued profit growth for companies is impossible, I understand that it's bullshit to say maximizing shareholder value drives the economy instead of just leeching off it, I understand that cutting taxes for the rich will never ever do anything for anybody but the rich, I understand that letting corporations play shell games to avoid taxes doesn't help anybody but them.
Modern economics is a whole series of bullshit lies which mostly ensure the 1% owns more and more while leaving the rest of us to beg for scraps.
Having the world dictated based on what is good for sociopath corporations is only of benefit to those sociopath corporations, and the rich investors who make the money. And it doesn't do a damned bit of good for the rest of us.
Offshoring is just corporations changing part of an economy into "shareholder value" at the expense of the nation who lost the jobs ... it's nations subsidizing shareholder profits, but it sure as fuck doesn't benefit the nation.
Modern economics is such a web of lies and bullshit as to defy any form of credibility. It's just theft on a global scale.
The beavers collect the birch trees ... the moose mill them into components ... the geese assemble them ... the seagulls are in charge of packaging ... and the seals handle marketing ... and Temporary Foreign Workers write the code.
What do you guys use?
Why should we continue to embrace the idea that amoral companies can do anything they choose in the name of profits?
Why should we continue to give a damn what companies think is best for them?
Why the fuck have we mistaken "shareholder value" for "the economy"?
Big fucking deal, the 1% make a better ROI on Apple et al because we let them act like sociopaths, if it's only the corporations and major stock holders who benefit?
Fuck that, all these companies gutting the economy for their own profits doesn't help all but the richest people. And it's time we stopped giving a fuck about what benefits the richest people.
Sure, but taken far enough this solution would mean the attackers would need to write a whole new thing.
Once you have this, you check something new, identify it as a match of the thing, and add it.
The attackers can always be more nimble, but if a solution which can adapt and say "oh, that's just a variation of this, I'll block it" then you can at least ratchet up the arms race.
Well, they could also go with the more accurate ... "All your base are belong to us".
Well, it's really interesting ... from the limited stuff in the article, it's essentially calculus (I think).
Sure, you can do a lot of permutations, but you can only do so many of them which are fundamentally different. Because they still share some underlying similarity with the original.
As I understood it, imagine a wavy line through space. Variations of the same thing will follow that wavy line +- some space around that line for the permutations. Close up the permutations look really different, but as you pull back, the space around the wavy line collapses into just a thicker line.
I you came from the same original source, you can only be so much different from that. And very different origins will create different wavy lines through space.
So, even a unique permutation could be detected as "well, ultimately it's just one of these, otherwise it wouldn't match so closely".
Of course, calculus was a long time ago, and this isn't my field so I might have missed the mark ... but it seems like your unique permutation could fall into a category which is more readily recognized as being in a known category.
If you're within a certain margin of that wavy line through space, you're just a permutation.
Yup, use of their tools, access to student data, and control over outcomes and usage.
And once again Microsoft injects itself into education and defines how it should be done.
And we will NEVER see actual evidence learning Minecraft resulted in better educational outcomes of long-term employment.
This is just more vendor lock-in of schools for what Microsoft has deemed a growth market, and which is being manipulated for their self-serving purposes.
Throw enough high-draw things like fancy graphics cards into a cluster or a rack, and it doesn't seem all that difficult.
A quick google says power hungry GPUs are the norm.
With great power comes great power bills.