The coal plants, their pollution and mercury releases are paid for by the commons. If coal cannot be produced profitably without fouling the commons, making people sick and screwing up farming and other industries, then alternate methods of power generation need to be given more weight. Mercury is special because it takes a LONG time for it to be absorbed by plant life, it can't be cleaned up, and it never actually goes away... not in human time scales.
When the regulations are changed, the money will *not* be redirected to other environmental controls. It will go to profits.
Reduced profits from coal would have meant more careful consideration of other power generation methods. Subsidizing coal power with the health of the people and the commons is still subsidizing coal.
The article was going on about how it was a counterpoint to the medical community's set of treatments for which they believe a trial is not necessary because you "wouldn't create a trial on the necessity of parachutes." A trial like that would be impossible to conduct and unethical.
So, here they conducted one.
It's strange because it *supports* the point that not only could you not conduct a trial on the necessity of parachutes, but you can abuse the system to create a trial where you can demonstrate the ineffectiveness of parachutes.
This seems to say that medical researchers *should* assume things are so rather than even trust papers which demonstrate that it is *not* the case. I mean, what kind of argument can this paper be used for?:
"WAIT!!! Have you conducted a medical *trial* on the effectiveness of setting a broken bone?"
"no. Would you conduct a trial on jumping on a plane without a parachute?"
"Yes I would, and it demonstrated that parachutes are ineffective!"
"You're a moron. Set the fucking bone."
But hey, it's not my field. Not even a layman here, just a passer-by. Seems like a funny paper, but I think it's in poor taste because of the weird anti-research conclusion.
It would make for an interesting pentest, litter the parking lot with 5.25 and 8 inch floppies labeled "hangman", "death valley", "ascii art" or even just "STUXNET2.COM".
I'm not sure where the article summary got their list of findings. The report mentions USB *once*, and that's in a reference to a NIST glossary for removable media.
Whomever summarized the summary appeared to not understand the report and added their own color and errors to it.
"USB Thumb Drives" seems to be fabricated from the submitter reading "removable media"
The ZDNet article is also guilty of this. E.g.,
"DOD IG officials also discovered that at one MDA location, IT administrators failed to install an intrusion detection and prevention system --also known as an antivirus or security product.
No. Just no.
The report looks interesting though, far more nuanced.
I've bought Apple equipment refurbed by IBM. They have a process to decommission employee workstations and stuff, so it's professionally done, but not from the manufacturer.
People are full of it, and anti-Apple comments get modded up here.
My 6s+ is still running strong. IOS12 seems to have sped it up too.
Might consider the battery swap while it's still cheap... 90% and I have an anecdote from a coworker that her phone nosedived fast when she got hers swapped.
No need nor desire to swap my phone. It's still great and has a headphone jack.
It's a bit of a straw man. I'm a proponent of the CoCs, but I think most of them are crap.
The first one I was involved with was imposed and leveraged by a social pariah to advertise their non-mainstream lifestyle to anyone and everyone who came near the group. People started leaving because they were embarrassed at being associated. The tough part is that although somebody is of a marginalized group, it's very difficult to put your finger on when exactly they go from protecting themselves, to being on a righteous power trip or enjoying CONSTANTLY being the center of attention. Fucking exhausting.
We tried to address the pariah problem, but ultimately failed. The group dissolved into sub-groups of private invitation only. I think the main group still meets, but it's just a clique of kinky and extremely awkward people now.
I've had the reverse experience with CoCs too, but it's a long story... the key there was to have the code simply keep people off the topics of sex and religion, and to try to avoid politics.
You want to talk endlessly about your kink/trans/furry/poly/pickup artist escapades? No. Not. One. Word. You're welcome to attend, you're welcome to mention it casually if you find a way to slip it into a polite conversation, you're protected if somebody finds out and tries to be an ass, but it's off-topic. Even if it IS kinky-trans-poly-pickup-furry-computer related.
Mostly agreed here... but you touch on something that bugs me about a lot of these CoCs.
CoCs for communities are different than CoCs for events. Any community CoC which relies on a "board" or "commitee" make decisions about "transgressions" is doomed to fail. When reporters have to be interviewed, issues have to be documented and decisions made, it turns volunteers into some perverted authority figure. Nobody wants that job. You will not find qualified volunteers. Who wants to be the guy to call up the member and say "hey, you know that email you sent to snowflakedandilion? it's not appropriate, go say sorry in public or we're goign to have to ask you again" Issues will fail to be actioned and the board/commitee/whatever will be at "fault."
CoCs are handy for when some asshole at a bar who barely ever attends events is caught showing off pornography to his buddy and gets kicked out. Or for when the sponsoring educational institution catches somebody pirating software at an event. Or when somebody gives a presentation at a conference and says "I'm a proud member of xyz, then includes pics of Putin bending Trump over the bar to get a laugh out of the audience". The community can defend itself and say "No, we don't condone that behaviour, no that's not what we're about". If you're lucky enough to spot it ahead of time, you can tell that person "seriously, what the fuck? it says right here not to do that shit" and the group can distance itself.
CoCs are not very useful for interpersonal grey areas. For that stuff, fuzzy rules about "don't be an asshole", and a little bit of "this is what an asshole is", are needed... but the board/committee/whatever should be a very last resort. After the "victim" told the person that's inapprpriate, after they told the person to stop, after they continued.... after a board member heard about it and couldn't do anythign to say "seriously dude what the fuck is wrong with you?" , then the board needs to do something.... but omg, that should be very, very rare, and board powers are very, very limited in open communities.
You ban them, they create new emails, you ask them not to attend events, but they show up anyway... do you start talkign to campus security and start legal processes? Do you have the money for that? You send them registered mail... At least when they do something horrible which hits the media or a sponsoring organization, you can point to the letter and say "yeah, it's against our community CoC, and we've done everything we could about this parasite, but we're having trouble physically ejecting this turd"
An event CoC by comparison can take away a badge, have security escort them out and put their name on a blacklist for buying tickets next year.
Meh. Experts are using a mix of solutions and researching renewables. All good from my standpoint. Fossil fuel subsidies and free carbon waste should end though. Carbon taxes etc, would put nuclear on stronger footing.
The material used in renewable generation can be recycled.
Nuclear waste issues are complex and not fully resolved. They're not purely technical problems either.
Nuclear safety issues are also complex and not fully resolved. Sure a blue-sky fresh power plant built with the best technologies is a dandy thing, but that's not what we're talking about.
I felt that way before I was 25 or so. I even swore by the IBM Trackpoint. Never needed to take my fingers off the keyboard.
In their late 20's, most people's shoulders, necks, backs and wrists start to ache either reaching up to the keyboard, or leaning over their display. It's ok for short periods of time, but after more than a few days...
"...According to a summary of the meeting, the request was driven by Clinton's reliance on her BlackBerry for email and keeping track of her calendar. Clinton chose not to use a laptop or desktop computer that could have provided her access to email in her office..."
"...Mills also asked about waivers provided during the Bush administration to then-Secretary of State Condoleezza Rice for her staff to use BlackBerrys in their secure offices. But the NSA had phased out such waivers due to security concerns..."
There's a hard-coded "backdoor" password called: MASTER PASSWORD. If you set it, it means that you might be the IT shop setting up machines for the organization. If you don't set it, it's like buying a lock with a master key and leaving the master key in the lock... because you're not going to use the master key anyway, right?
For the storage issue, it looks like the EVO 840 had a bug which the EVO 850 might have addressed. No disclosure etc. I'm not sure if setting the master password, then using a ATA Secure Erase would scramble the DEK and render the traces of the previously stored DEK unusable. ATA Secure Erase has always been sensible when setting these things up, but it's all black-box voodoo anyway.
BTW, if you think that having a master password on your device means that your encryption is sound, you probably wouldn't do much better setting up crypto in software. This kind of crypto doesn't quite handle the same use cases as software based crypto. It's not really sensible to do a direct comparison.
Some interesting bits from the paper: The EVO850 seems to have addressed an issue in the EVO840 storing the DEK before encrypting it with the user key. An ATA cryptographic erase was always a sensible way to (supposedly) scramble the DEK from the factory delivered DEK (who knows where it gets its entropy?).
The EVO850 with the master password feature disabled seems to be fine.... or am I missing something?
"... RH must make the source publicly available.."
That's not what the GPL says.
You only have to distribute the source code, or an offer to the source code to the recipient of the object code. It doesn't need to be public. RHEL's been good about making it public, especially since they do not publicly distribute the object code.
For CentOS to continue receiving the complete source code from IBM, they would need to subscribe to every single product that they republish the object code for.
This is not to say they couldn't get it from someone else who subscribed, but if IBM doesn't distribute RHEL in a similar omnibus form, it could be very difficult to set up reliable relationships with all the organizations which subscribe to every component of what is now RHEL.
When I was a kid the most compelling thing about computers to me was that it was unmoderated with no overarching purpose.
There were no *limits* placed upon me, no tedious curriculum and nobody who didn't-seem-to-quite-know-what-they-were-talking-about giving me emotional feedback on what I was doing. "yeah, but that's not the assignment/ you'll learn that stuff when you're older/ wow you understand that? you're so smart!"
Computers simply did not work if you used them incorrectly. There was no emotion in their response, and they were infinitely patient teachers.
China, Russia and Iran could hire teams of people to write news articles with bylines and promote them overtly, that's fine. China Daily, RT, Tehran times, are good examples.
Trolls aren't concerned with even writing news articles, not even slanted, biased news articles, the truth is immaterial to their objective, and certain truths run contrary to their objective. The trolls themselves pretend to be somebody else to disrupt conversations, recruit followers and expand their influence. They focus not on informing people, but on polarization and division. They're paid to do this, for this purpose.
"Topic: NATO troops are embedded with Ukrainian armed forces
Keywords: ukraine news, russia and ukraine, ukraine policy, ukraine, NATO, PMC (private military company)
Task: Raise this topic on 35 municipal forums
Work begins after an initial post, written by a troll in a different department, is published on the LiveJournal social-networking site under the username flcrbgrjn. The post argues that foreign mercenaries are fighting on the side of Ukrainian soldiers and links to a video that purports to show two American soldiers in the southeastern Ukrainian city of Mariupol...."
Slashdot Mirror
The coal plants, their pollution and mercury releases are paid for by the commons. If coal cannot be produced profitably without fouling the commons, making people sick and screwing up farming and other industries, then alternate methods of power generation need to be given more weight. Mercury is special because it takes a LONG time for it to be absorbed by plant life, it can't be cleaned up, and it never actually goes away... not in human time scales.
When the regulations are changed, the money will *not* be redirected to other environmental controls. It will go to profits.
Reduced profits from coal would have meant more careful consideration of other power generation methods. Subsidizing coal power with the health of the people and the commons is still subsidizing coal.
It's not the same kind of pollutant as particulate, nitrogen oxides, sulphur dioxide etc..
It is consumed by animals and travels up the food chain. It is not metabolized nor broken down. It accumulates.
The article was going on about how it was a counterpoint to the medical community's set of treatments for which they believe a trial is not necessary because you "wouldn't create a trial on the necessity of parachutes." A trial like that would be impossible to conduct and unethical.
So, here they conducted one.
It's strange because it *supports* the point that not only could you not conduct a trial on the necessity of parachutes, but you can abuse the system to create a trial where you can demonstrate the ineffectiveness of parachutes.
This seems to say that medical researchers *should* assume things are so rather than even trust papers which demonstrate that it is *not* the case. I mean, what kind of argument can this paper be used for?:
But hey, it's not my field. Not even a layman here, just a passer-by. Seems like a funny paper, but I think it's in poor taste because of the weird anti-research conclusion.
"If the device communicates with a mothership, you should not use, nor buy it."
What does this mean for G-suite for Education?
It would make for an interesting pentest, litter the parking lot with 5.25 and 8 inch floppies labeled "hangman", "death valley", "ascii art" or even just "STUXNET2.COM".
I'm not sure where the article summary got their list of findings. The report mentions USB *once*, and that's in a reference to a NIST glossary for removable media.
Whomever summarized the summary appeared to not understand the report and added their own color and errors to it.
"USB Thumb Drives" seems to be fabricated from the submitter reading "removable media"
The ZDNet article is also guilty of this. E.g.,
No. Just no.
The report looks interesting though, far more nuanced.
I've bought Apple equipment refurbed by IBM. They have a process to decommission employee workstations and stuff, so it's professionally done, but not from the manufacturer.
Rare exception though.
Lenovo equipment too, but that's less surprising.
Never heard any suggestion that they do a refurb replacement, but I guess I'll find out when I go in.
Slashdot has been on the decline for a very very long time. Sometimes I worry about what it says about me that I'm still here.
But then, the whole Internet and the popular media which Slashdot has mostly quoted in its articles has been on a decline too.
People are full of it, and anti-Apple comments get modded up here.
My 6s+ is still running strong. IOS12 seems to have sped it up too.
Might consider the battery swap while it's still cheap... 90% and I have an anecdote from a coworker that her phone nosedived fast when she got hers swapped.
No need nor desire to swap my phone. It's still great and has a headphone jack.
It's a bit of a straw man. I'm a proponent of the CoCs, but I think most of them are crap.
The first one I was involved with was imposed and leveraged by a social pariah to advertise their non-mainstream lifestyle to anyone and everyone who came near the group. People started leaving because they were embarrassed at being associated. The tough part is that although somebody is of a marginalized group, it's very difficult to put your finger on when exactly they go from protecting themselves, to being on a righteous power trip or enjoying CONSTANTLY being the center of attention. Fucking exhausting.
We tried to address the pariah problem, but ultimately failed. The group dissolved into sub-groups of private invitation only. I think the main group still meets, but it's just a clique of kinky and extremely awkward people now.
I've had the reverse experience with CoCs too, but it's a long story... the key there was to have the code simply keep people off the topics of sex and religion, and to try to avoid politics.
You want to talk endlessly about your kink/trans/furry/poly/pickup artist escapades? No. Not. One. Word. You're welcome to attend, you're welcome to mention it casually if you find a way to slip it into a polite conversation, you're protected if somebody finds out and tries to be an ass, but it's off-topic. Even if it IS kinky-trans-poly-pickup-furry-computer related.
Mostly agreed here... but you touch on something that bugs me about a lot of these CoCs.
CoCs for communities are different than CoCs for events. Any community CoC which relies on a "board" or "commitee" make decisions about "transgressions" is doomed to fail. When reporters have to be interviewed, issues have to be documented and decisions made, it turns volunteers into some perverted authority figure. Nobody wants that job. You will not find qualified volunteers. Who wants to be the guy to call up the member and say "hey, you know that email you sent to snowflakedandilion? it's not appropriate, go say sorry in public or we're goign to have to ask you again" Issues will fail to be actioned and the board/commitee/whatever will be at "fault."
CoCs are handy for when some asshole at a bar who barely ever attends events is caught showing off pornography to his buddy and gets kicked out. Or for when the sponsoring educational institution catches somebody pirating software at an event. Or when somebody gives a presentation at a conference and says "I'm a proud member of xyz, then includes pics of Putin bending Trump over the bar to get a laugh out of the audience". The community can defend itself and say "No, we don't condone that behaviour, no that's not what we're about". If you're lucky enough to spot it ahead of time, you can tell that person "seriously, what the fuck? it says right here not to do that shit" and the group can distance itself.
CoCs are not very useful for interpersonal grey areas. For that stuff, fuzzy rules about "don't be an asshole", and a little bit of "this is what an asshole is", are needed... but the board/committee/whatever should be a very last resort. After the "victim" told the person that's inapprpriate, after they told the person to stop, after they continued.... after a board member heard about it and couldn't do anythign to say "seriously dude what the fuck is wrong with you?" , then the board needs to do something.... but omg, that should be very, very rare, and board powers are very, very limited in open communities.
You ban them, they create new emails, you ask them not to attend events, but they show up anyway... do you start talkign to campus security and start legal processes? Do you have the money for that? You send them registered mail... At least when they do something horrible which hits the media or a sponsoring organization, you can point to the letter and say "yeah, it's against our community CoC, and we've done everything we could about this parasite, but we're having trouble physically ejecting this turd"
An event CoC by comparison can take away a badge, have security escort them out and put their name on a blacklist for buying tickets next year.
You sound like you're stuck in a false dichotomy.
Meh. Experts are using a mix of solutions and researching renewables. All good from my standpoint. Fossil fuel subsidies and free carbon waste should end though. Carbon taxes etc, would put nuclear on stronger footing.
The material used in renewable generation can be recycled.
Nuclear waste issues are complex and not fully resolved. They're not purely technical problems either.
Nuclear safety issues are also complex and not fully resolved. Sure a blue-sky fresh power plant built with the best technologies is a dandy thing, but that's not what we're talking about.
I say this, and I'm pro-nuclear.
Meh, anything's possible.
Impressive is being almost 40, sitting at a laptop all day for decades and not having a spine shaped like a Frito.
I felt that way before I was 25 or so. I even swore by the IBM Trackpoint. Never needed to take my fingers off the keyboard.
In their late 20's, most people's shoulders, necks, backs and wrists start to ache either reaching up to the keyboard, or leaning over their display. It's ok for short periods of time, but after more than a few days...
If not, count yourself lucky.
I have to add to this: https://www.cbsnews.com/news/emails-show-nsa-rejected-hillary-clinton-request-for-secure-smartphone/
"...According to a summary of the meeting, the request was driven by Clinton's reliance on her BlackBerry for email and keeping track of her calendar. Clinton chose not to use a laptop or desktop computer that could have provided her access to email in her office..."
"...Mills also asked about waivers provided during the Bush administration to then-Secretary of State Condoleezza Rice for her staff to use BlackBerrys in their secure offices. But the NSA had phased out such waivers due to security concerns..."
Why has this polarizing stupidity become regularly modded up here?
tip: cars don't stop at stop signs either.
"Rolling stop" you say?
You never slowed down more than a bicycle anyway.
This isn't quite right either.
There's a hard-coded "backdoor" password called: MASTER PASSWORD. If you set it, it means that you might be the IT shop setting up machines for the organization. If you don't set it, it's like buying a lock with a master key and leaving the master key in the lock... because you're not going to use the master key anyway, right?
For the storage issue, it looks like the EVO 840 had a bug which the EVO 850 might have addressed. No disclosure etc. I'm not sure if setting the master password, then using a ATA Secure Erase would scramble the DEK and render the traces of the previously stored DEK unusable. ATA Secure Erase has always been sensible when setting these things up, but it's all black-box voodoo anyway.
It's really dumb to assume otherwise.
BTW, if you think that having a master password on your device means that your encryption is sound, you probably wouldn't do much better setting up crypto in software. This kind of crypto doesn't quite handle the same use cases as software based crypto. It's not really sensible to do a direct comparison.
Some interesting bits from the paper: The EVO850 seems to have addressed an issue in the EVO840 storing the DEK before encrypting it with the user key. An ATA cryptographic erase was always a sensible way to (supposedly) scramble the DEK from the factory delivered DEK (who knows where it gets its entropy?).
The EVO850 with the master password feature disabled seems to be fine.... or am I missing something?
Don't you mean the repackagers?
CentOS developers were always RedHat. That's the point.
"... RH must make the source publicly available.."
That's not what the GPL says.
You only have to distribute the source code, or an offer to the source code to the recipient of the object code. It doesn't need to be public. RHEL's been good about making it public, especially since they do not publicly distribute the object code.
For CentOS to continue receiving the complete source code from IBM, they would need to subscribe to every single product that they republish the object code for.
This is not to say they couldn't get it from someone else who subscribed, but if IBM doesn't distribute RHEL in a similar omnibus form, it could be very difficult to set up reliable relationships with all the organizations which subscribe to every component of what is now RHEL.
When I was a kid the most compelling thing about computers to me was that it was unmoderated with no overarching purpose.
There were no *limits* placed upon me, no tedious curriculum and nobody who didn't-seem-to-quite-know-what-they-were-talking-about giving me emotional feedback on what I was doing. "yeah, but that's not the assignment/ you'll learn that stuff when you're older/ wow you understand that? you're so smart!"
Computers simply did not work if you used them incorrectly. There was no emotion in their response, and they were infinitely patient teachers.
Modern computers are a different thing.
China, Russia and Iran could hire teams of people to write news articles with bylines and promote them overtly, that's fine. China Daily, RT, Tehran times, are good examples.
Trolls aren't concerned with even writing news articles, not even slanted, biased news articles, the truth is immaterial to their objective, and certain truths run contrary to their objective. The trolls themselves pretend to be somebody else to disrupt conversations, recruit followers and expand their influence. They focus not on informing people, but on polarization and division. They're paid to do this, for this purpose.
https://tinyurl.com/y9dby46f
The problem with this kind of discussion is that you're making generalizations about how other people use their devices.
Truth is, you don't know.
...and you certainly haven't met the gaggle of galaxy-gear wearing geeks around me. Fanbois with the latest toys from Samsung exist...