figure out why anyone would put up with wireless control of their lights AT ALL - I really don't feel like having my evenings interrupted by the neighborhood a-hole teens turning my living room into strobe-central.
I simply can not imagine how big that slush pile is going to grow. Even if they run an automated grammar check or something and reject the out-and-out fails without human intervention, they are going to get so many submissions they aren't going to be able to keep up.
I give it two weeks.
As much as I like laughing at idiots, I'm not sure that letting them know it's bullshit is in anyone's best interest. Every bit of money and manpower they devote to finding shit that doesn't exist is money and manpower that's not killing everyone else.
In fact, the RIGHT approach to this would have been to seed the marketplace with various government agents leading the bad guys on in their hunt for this mcguffin.
Remember folks: DON'T educate the bad guys. Don't tell them what they are doing wrong - it's counterproductive to make them smarter.
While I'll grant the manufacturer isn't likely to DELIBERATELY infect things, my first assumption is that the manufacturer simply has terrible security and the worm made it into the master image for all their devices.
Never assume malice where stupidity is a viable explanation.
As usual.
My company uses Bacula for all our server backups, and it works pretty well, once you beat the configuration into doing what you want.
Some things about Bacula that I've noticed:
1) Its scheduling is more than a little rigid. I'm not using it on desktop PCs for that reason (the PC pretty much needs to be there when Bacula wants it to be, or you miss that backup cycle. As near as I can tell, anyway).
2) Trying to configure the retention times for Bacula is NOT for the faint of heart. Get someone to help you. It's goofier than it should be.
3) Bacula thinks of all backup media as tapes. You can make it use disk (which is REALLY convenient for frequently accessed backups), but it still treats it like a bunch of tapes.
4) If I understand correctly, the Windows backup client software isn't free anymore.
For my PC backups both at home and at the office, I'm using Burp (http://burp.grke.org/) (I'm using the 1.4.40 stable version).
Burp is REALLY easy to configure, and when a backup is missed due to the PC being off at that moment, it just figures it out when the thing comes back on line.
It's capable of continuing an interrupted backup.
One possible downside, depending on your setup, is that Burp DOES NOT DO TAPE.
It does backups to disk. That's IT. If you need tapes, you need to go elsewhere.
I'm really fond of the easy-to-configure nature of Burp, but of course my needs match its limited capabilities very well.
Both are in active development.
If you try to use Bacula, see if you can find someone experienced to help you. I don't know that I'd have ever gotten that thing working correctly on my own the first time.
That low ransom makes it REALLY easy for the business to justify just paying them off, instead of spending the time to deal with the problem in a different way. It's even small enough that a lower level manager who doesn't want to get fired for having screwed up and let this happen might pay it himself to keep from looking bad, which means that no one else in the organization might be informed.
If the malware can get enough traction, it could still bring in the big bucks over time.
Didn't actually intend anything nefarious. Just the usual over-reaching language by a lawyer who doesn't really do anything that matters.
You'd think that after all these bad-pr-because-our-lawyers-need-muzzles incidents, companies would hire someone to keep an eye on the lawyers. The amount of time, effort (and therefore money) they spend cleaning up these messes isn't small.
If their beam-steering is actually something new and quick, then it might have applications elsewhere - medical ultrasound is a pain in the ass partly because the tech has to fool around a lot to get a good image. If you could steer the beam and do the ultrasound equivalent of auto-focus, you could make some ultrasound studies quite a bit faster and therefore easier on the patient.
But in a Starbucks? Forget it. Install 5V USB outlets on every table and call it a day instead.
They are trying to get the employees to decline the severance package. If you make the severance nasty enough, the employees turn it down, and you don't have to pay it - which looks even better on the bottom line.
Just a theory, obviously, but I'd be willing to bet that's what's going through someone's head.
Because if the bank execs actually tried to force one of these people to come back and help, their own internal security people would probably get together with the insurance company and beat the execs up and stuff them in a closet - there's things more likely to cause you trouble than forcing a disgruntled ex-employee into the office, but it's really got to be at the top of the list.
From the Business Insider article:
"stopped using its signature finger-prick blood test on all but one of its more than 240 blood tests at the request of government regulators who are looking into the company's technology"
That sounds to me like the FDA doesn't think the right paperwork has been filed, and have told them to lay off till they clear up the proof that it works.
Note: that does NOT mean that the FDA doesn't think it works. The FDA seldom has a clue themselves unless there are widespread complaints - the onus is on the manufacturer of the device to prove that it does what the manufacturer says it does. And this looks to me like the FDA doesn't have enough paperwork yet to be convinced.
As to the composition of the board: There's nothing inherently wrong there, but when dealing with the FDA, having people who've already been through the process of approving something can be helpful. But there's also plenty of consultants who can help a company through that maze, so it's really not that big of a deal in my mind.
With regards to syncing via Dropbox:
It's not quite as spiffy as having the passwords stored on the far end of the wire, but I use DropSync on my Android devices, and I keep its 'sync on change' feature activated (whenever a file changes locally, it gets pushed to the Dropbox ASAP), and then run the Dropbox client on Windows boxes and it's been great. You will have some lags between Android devices (DropSync has a timer to control how often it checks for stuff to download), but Windows is pretty much instant, as the Dropbox client is always in contact.
One big advantage to using the replication rather than keeping everything remote is that if I hit a spot and my phone can't get a net connection, I've still got all this stuff stored locally, so I'm not out of commission just because I'm out of contact.
I believe the old saying 'A fish rots from the head' is applicable here.
Is he refunding the original purchaser's money? Or just keeping it, and taking away the software? Because if it's the former, then...he's a thief.
I have the sneaking suspicion that this is going to backfire massively. They'll have bad data hither and yon as overworked medicos end up entering the wrong codes (hey, it's a broken femur, who cares which side?) as often as the right ones. They won't get the supposed benefits of more granular data because the data will be so screwed up that they won't be able to draw any conclusions at all.
Nothing like an industry standard to screw things up on a grand scale.
As if IoT wasn't insecure enough already - let's put the BIGGEST consumer malware target into everything!
Anyone else think this is a bad idea?
Interestingly, I doubt anyone you could talk to would be able to answer. Their engineering and operations staff might know (at the least, they'd be able to look at MTBF on their drives, and what their redundancy is), but the overall failure rate of the system depends on many more factors than that - if there's a software bug at a higher layer, the system as a whole might not replicate correctly, or might delete something it thought was replicated, only to find out later that it's not.
I doubt they have any idea what the real, total MTBF for the entire mess is.
The one month is till it goes read-only - your data is safe till 15 November, which is better than a lot of services have done in the past.
Doesn't matter - they have to police scam accounts as it is. The biggest attraction to scammers is a zero-cost place to run scams, because most scams have such a low success rate that if it cost the scammer anything, they wouldn't do it.
If Valve restricts the accounts unless they have SOME money in the game, the scammers can't simply operate at full rate - they'll have to pick and choose the scams and targets more carefully, because there's overhead. That knocks 90% of the bozo population out of the game, and while you'll ALWAYS have scammers, the most annoying ones will go away.
HBO Now standalone streaming service coming to Apple TV and iOS apps in early April for $14.99 a month.
not really an innovation but, okay. There was nothing stopping this from happening before, why did it need an event?
Because prying HBO loose from the cable companies is actually quite a trick. It's only recently that this has been at all conceivable.
ResearchKit Announced: Is open source and allows medical researchers to create apps, and use the iPhone as a diagnostic tool.
Cool, but the apps store is still a draconian gulag. Expect a dearth of crisis pregnancy apps to get written and a bunch of Abortion assistance apps to get flagged and removed as part of our nation's proud tradition of culture warfare. And how do we handle HIPAA here?
HIPAA? I think it's got bigger problems than HIPAA. A device that does diagnosis is a regulated thing. There are some interesting inconsistencies around treatment of devices that just show you data from other devices, but if they really plan to make real diagnosis using an iPhone, the FDA is gonna have something to say about that.
The first response to this kind of it is 'So what?'. They made up a metric and found that in Java it's 5%. Whoop. They didn't even examine any other languages to see if the metric varies (if they had, perhaps it would be in some way interesting, though I doubt it would be particularly enlightening.)
There's nothing you can do with this information. Total waste of time.
CDC works fine on Windows. I've implemented several devices that use it to pretend to be serial ports.
The first big issue will be screen sizes - Android has provisions for apps supporting multiple screen sizes, but it's kind of weird in how it works, and not every app works well (or at all) if you hand it a screen size markedly different than what it was designed for.
"Lots of people think it will happen" means about nothing. People are HORRIBLY bad at predicting future trends. More so en masse.
What people say they want and what they really want (and demonstrate by doing) are pretty much unrelated. So even if people SAY they want cashless, I doubt they'll actually vote that way when the rubber hits the road.
Don't get me started on pennies. The reason we still have them is mostly sentimental. If it were my choice I'd drop the penny AND the nickel, AND the quarter, introduce a 20 cent piece, and be done.
Dollar coin never took off because they kept making bills. Other countries that have dollar coins stopped making the bills, so the coin took over as the bills left circulation. The actual economics of the bill vs. coin in the US are quite interesting due to how well made our bills are and how long they last in circulation, but then you add in the fact that people tend to drop change in a jar at home and the question of which is better for the government gets really interesting (there's a GAO report on the subject somewhere).
Two dollar bill just doesn't really serve much of a purpose - $5 is small enough for normal use, the $2 doesn't really add much functionality to the system.
The problem with centralized control is that the center can give any commands it wants...