At some point, you have to ascribe *some* responsibility on the [victim], no?
No.
So according to you, the jackass who jumps the fence into the lion's pit at the zoo has no responsibility for getting mauled? The text-obsessed driver who wraps his car and lungs around a tree bears no responsibility for getting his dumb ass killed?
Who do you "call" with most cloud vendors? After all, sounds like whoever was doing the DDOS to extort Code Spaces could have also "called" Amazon to do any number of things, as whoever it was had the passwords, other accounts, etc..
I've actually worked with them once - sure someone could impersonate them, but you could just as easily call up, explain the situation, and then prove you're the rightful owner of the account (using info that most script kiddies aren't going to think of gathering in the first place, let alone spoof the original contact phone #.)
To their credit, Amazon is actually fairly intelligent and responsive, even to small accounts.
BTW - if you use/handle it right, each instance comes pre-made with a specific SSH auth keyset for root, and you're the only one with the private key (even Amazon doesn't have it) - store/use that as your proof by logging into an instance with one (it's something the script kiddie definitely won't have).
Good thing people hosted their stuff on the cloud...
I don't think their problem is necessarily because it was "on the cloud" - the same thing could have happened if someone penetrated a corporate network and got hold of a VM farm. A bigger obstacle to be sure, but if your corporation has partner/vendor access and a not-so-sharp security guy...
One question I have though - instead of changing a password, why couldn't they have called Amazon, had the thing universally locked out for that company, replaced all root-level access with a new account, and sent the new username and p/w by phone back to the company?
Also, why didn't they have an offline (think: off-cloud) backup of the stuff? Sure it costs time/money/skull-sweat to do that, but it's worth the time and trouble in the end. After all, if your family jewels are hanging out there, it always pays to have a DR plan for 'em...
If nothing else, they could have set up a separate and distinct AWS account/rigging as a "DR" of sorts, with DB replication and the works feeding it as a warm DR site. That way if some jackass compromises the first, you only need to stop DB replication, turn on the rest of the DR servers, do a quick test, and shift your DNS to the backup site - 15 mintues later, you can delete the objects yourself in the original site if you want (while you set up yet a different site and build a new backup site to replace the one you just put into production.)
We have a sizable AWS setup where I work, and first/foremost we back that shit up (the DB contents) to machinery that we control. We also have a means of re-deploying/rebuilding if necessary; sure it takes time, but it's better to have it and not need it...
Are they peaking because nobody wants them, or because nobody wants to make them?
It's because they're as expensive as hell for their size, are mostly (but not always) gutless on hills and under a full load, and they originally didn't deliver the fuel savings as originally promised.
There's also that whole 'gotta replace that uber-expensive-battery-pack-in-7-to-10-years-or-so' bit... At least with a gas engine, you have some hope of stretching the car's useful life to 15 years these days.
You're making bad assumptions, and completely skipped the "(they have some sort of deal going now where..." part. Even w/o the little sale, the "value" menu that most have will land one person a burger and fries for $2, plus whatever kool-aid/drink stuff is lurking in the fridge at home.
As for the gas: in an old crap-mobile where 15 mpg is the norm, and at current prices of nearly $4/gal average, you'll burn over a gallon of gas driving 20 miles round-trip in stop-and-go traffic - if anything, I was being generous on that bit.
However, there's also a relatively significant Portland in Maine so in that case it helps to specify.
We've heard about the one out there in Maine, but most of us here in PDX think it's more myth and legend than an actual town.;)
( Fun trivia bit: the one here in Oregon was actually named for the one in Maine. The founders of our fair city had a coin toss to determine who named the town, and the winner was from Maine. If he had lost, I'd be typing this from Boston, Oregon.)
DOUBLE the poor persons food budget and they can start to eat better. Also put a big ass tax on Fast food places that sell utter crap like McDonalds and Taco Bell. They prey on the poor with their $1.00 menu.
Err, dude - there's a bit of tautology in that quoted bit up there... taxing MickeyD's won't help the poor stretch their food budget.
As someone who grew up poor, I can tell you first-hand that pricing and neighborhood conditions conspire nicely to prevent you from eating anything that isn't processed to within an inch of its existence, or isn't basically crap food.
I think the only exception I've seen is the heavily Latino neighborhoods, where, against most odds, the local Mexican grocers and meat markets actually do provide decent and fairly nutritious foods ("fresh" is still a trial to get, but at least it's better than the local Mickey D's.)
Poor people are fat because they dont eat properly.
Actually, it's because they don't have much choice in what to eat...
Consider that you only have $10 to feed your family, and just came off-shift at your minimum-wage job.
You can either buy: - a McMeal on the way home from work (they have some sort of deal going now where you can get 4 burgers, some fries, and 4 soft drinks for $9.99) - a couple of Pepperoni Little Caesars' pizzas, again on the way home from work - burn $5 or so in gas to get proper food at the nearest decent grocery store 10 miles away, and spend an extra $8 doing that - spend $15 at inflated prices for nutritious food (though it's slightly old) at the nearest bodega/grocer/phone-card/payday-loan store, - buy two heads of organic free-range vegan-gods-approved broccoli for $8 at the nearest Whole Payche... err, "Foods" roughly 15 miles away (burning $5-6 in gas) - Wait until Thursday, where you can drive 20 miles to the Farmers' Market in the ritzy part of town and spend $25 for that same family meal.
Thing is, most poor neighborhoods usually don't have decent grocery stores. Why? Because most grocers don't like losing shedloads of money due to food-stamp/EBT fraud, shoplifting, robberies, etc. This means what groceries do make it there are either non-fresh, at highly inflated prices (to offset the aforementioned losses), preserved-all-to-hell in cans or boxes, or at a very limited selection. Or, you can save on cooking and grab some fast food, like most folks do, and as a bonus the kids don't bitch and moan as much about eating it.
The ** up there means I'd be the perfect demographic for TFA, in spite of being registered as "no party" in my state. My religious persuasion is shared with most Hispanic folks, so yeah - I can see 'em bugging the hell out of me to follow whatever soundbites they want concerning immigration. Again, and I reiterate: I'll do my own thinking and actions, so fuck them.
1) You're full of crap, because BOTH parties don't like anyone who isn't a lobbyist or fundraising donor.
2) This is a dangerous precedent, no matter who does it or they target - I get enough political spam as it is. Last thing I need is for a bunch of politically-motivated ideologues to harass me in a targeted way** because they think I might be a useful-but-unwitting pawn in their efforts. If you think this will stop with some party faction looking for like-minded people, you're deluded. Next they'll reach out to independents and no-party types, and possibly even further out.
If insurance is your only beef, then like sibling said - most insurance companies can offer an "Uber" rider for a couple extra pounds/euros each month, and that's that.
Otherwise, I do have a question: why the demand for "commercial insurance" in the first place? If you and your rider get in a wreck, you're the driver, and would theoretically face the exact same liabilities as a commercial driver would - prolly less, since the plaintiff would be more likely to jack up the monetary demands against a commercial taxi. Also, most auto insurance setups actually do cover the passengers in your vehicle should they get injured, so, well - what's the beef?
If the rider gets injured, sure he can sue you - just like a hitchhiker could, or a friend riding along, or anyone really. If you're signing on to drive someone around, that's the risk you accept. One caveat, though: if the rider signed a waiver online that lists the risks, and requires him to acknowledge and agree to them before ordering a ride, he very well wouldn't have much of a case unless the driver were drunk or high or etc.
You have 100s of machines, dozens of employees, who need legitimate access. How do you share the passwords on all those machine? Is your solution cost effective? Does it account for areas with bad reception?
An RSA token and remote password server with a VPN tunnel connecting the two would suffice (all ATMs have to contact the bank *somehow* - even in a daily batch mode - else they cease to function as an ATM). Failing the VPN connection, just use a modem connection with strict ACLs at the bank's side. An initial setup can even be rigged to change the default passwords while're you're customizing the thing to add the bank's logo and suchlike.
You could have the ATM guy plug the USB stick in which updates/changes the passwords and suchlike every time he arrives to load the thing up with cash.
This isn't rocket science - it just takes a bit of forethought and execution.
Plus, if you made 10K a week keeping your front door open, but you spent 30K a year replacing any stolen item, would you lock your door?
Bad analogy for two reasons: 1) having a basic password/access policy in place wouldn't "lock your door" and keep customers out 2) customers would never notice that you have a secure password/access policy in place, but they'll damned sure know it when you don't and someone decides to exploit the lack thereof - this means $10k/wk would instantly drop to a fraction of that once a breach is known about (and banking regulations require that yes, you do inform your customers if you have one), and if the bank is small enough, would likely destroy the bank entirely.
I'm not even mildly surprised that this was possible.
Not at that I'm not... what I am surprised at is the fact that the bank didn't immediately have the kids locked-up and headed for a lifetime of prison.
No, they are not. A tariff is a tax applied ONLY TO AN IMPORTED ITEM.
You said, and I quote: "...based on where the parts are from."
Chinese parts are (wait for it...) imported, just like Chinese whole items/goods are. They are also taxed equally unless a treaty or trade agreement dictates otherwise, but that's an internal legislative affair.
A tax applied to ALL ITEMS, is simply a tax and TOTALLY LEGAL PER ALL TREATIES.
In other words, you're applying a universal tariff on all items inbound from China. You do know that a tariff is simply a tax "based on where the parts are from", right?
Maybe I'm misunderstanding what it is you;re trying to express, but if it moves internationally and is taxed due to country (or even region) of origin, then it's a tariff.
BUT, the right way to solve this is to put a single level VAT (just between wholeseller and retailer; along with any delivery trucks ) in which goods are taxed based on where the parts are from.
Nice assumption of what you think I saw in the show, but no dice for you. But, in the interest of making burger out of your sacred cow...
My big complaint with the Simpsons is that the characters have become flat stereotypes. For instance, Lisa went from uber-precocious idealist little girl down to the very model of a hipster liberal douchebag - the same kind that I see (and occasionally work with) every day in downtown PDX. The rest have similarly flattened down to the same two-dimensional ultra-predictable 'personalities' that most sitcoms desperately feature with each new TV season. I sample the episodes occasionally nowadays, and I can predict the damned ending by the first commercial break... and that my friend is why I can say with full confidence that they've jumped the frickin' shark.
As someone who has read and appreciated Groening's comics since Life in Hell (long, long before The Tracy Ullman Show aired the earliest episodes of Simpsons), I appreciate his early stuff a whole hell of a lot more than the later stuff - and have no desire or need to take in anything he's done since 2000 or so, due to the fact that it's a lot like discovering that one's favorite soda has gone flat (with the exception of the first few seasons of Futurama, which comprised a brilliant burst of awesomeness in an otherwise fading creative universe).
The Simpon's for instance could have been cancelled a few years ago, but the actors realized they could be replaced, and I guess having work at half the rate of sitcom actors was better than having no work at all.
could have? More like should have. That poor shark probably has Matt Groening's footprints all over its back in multiple paths by now...
Sadly I have to agree. All the strips that have been around for a while are on auto-pilot, coasting along on their fame. The creators are putting zero effort into them.
I'm not sure if it's just recycling gags, or if it's just that the gags were mind-blowingly awesome in the time and culture of their prime, but have since faded right along with the times and culture in which they were spawned.
Take Dilbert for example. When it came out (in the 1990s, y'all), it was a badass tour-de-force that ripped right into the buzzword bullshit culture that corporate America was at the time. As long as that culture was prevalent**, the overall meme was fully relevant, and it resonated deeply with the cubicle-dwelling audience. Fast forward to today, where much of that has faded - and with it, the whole basis of humor behind Dilbert has sort of faded with it.
Beetle Bailey (mentioned way earlier) is similar - it's based on frickin' army humor from what - maybe WWII? When it rocked the funny pages, most of the audience was either in the military or a veteran thereof, so the gags and storylines instantly resonated. All the gags and storylines in Bloom County resonated with the Reagan era, and would be way non-relevant today.
** in many cases it still is relevant today, but really - not nearly as much as it was back then, when every fiscal quarter brought the employees a new mandatory box that we were forced by policy to think outside of.
Slashdot Mirror
For those who modded parent "insightful" instead of "funny" - Cardinals = "birds".
(seriously - I had to explain that?)
See, the lions are generally not considered to be moral actors.
Neither is a rapist. Your point?
At some point, you have to ascribe *some* responsibility on the [victim], no?
No.
So according to you, the jackass who jumps the fence into the lion's pit at the zoo has no responsibility for getting mauled? The text-obsessed driver who wraps his car and lungs around a tree bears no responsibility for getting his dumb ass killed?
Really?
Who do you "call" with most cloud vendors? After all, sounds like whoever was doing the DDOS to extort Code Spaces could have also "called" Amazon to do any number of things, as whoever it was had the passwords, other accounts, etc..
I've actually worked with them once - sure someone could impersonate them, but you could just as easily call up, explain the situation, and then prove you're the rightful owner of the account (using info that most script kiddies aren't going to think of gathering in the first place, let alone spoof the original contact phone #.)
To their credit, Amazon is actually fairly intelligent and responsive, even to small accounts.
BTW - if you use/handle it right, each instance comes pre-made with a specific SSH auth keyset for root, and you're the only one with the private key (even Amazon doesn't have it) - store/use that as your proof by logging into an instance with one (it's something the script kiddie definitely won't have).
Good thing people hosted their stuff on the cloud...
I don't think their problem is necessarily because it was "on the cloud" - the same thing could have happened if someone penetrated a corporate network and got hold of a VM farm. A bigger obstacle to be sure, but if your corporation has partner/vendor access and a not-so-sharp security guy...
One question I have though - instead of changing a password, why couldn't they have called Amazon, had the thing universally locked out for that company, replaced all root-level access with a new account, and sent the new username and p/w by phone back to the company?
Also, why didn't they have an offline (think: off-cloud) backup of the stuff? Sure it costs time/money/skull-sweat to do that, but it's worth the time and trouble in the end. After all, if your family jewels are hanging out there, it always pays to have a DR plan for 'em...
If nothing else, they could have set up a separate and distinct AWS account/rigging as a "DR" of sorts, with DB replication and the works feeding it as a warm DR site. That way if some jackass compromises the first, you only need to stop DB replication, turn on the rest of the DR servers, do a quick test, and shift your DNS to the backup site - 15 mintues later, you can delete the objects yourself in the original site if you want (while you set up yet a different site and build a new backup site to replace the one you just put into production.)
We have a sizable AWS setup where I work, and first/foremost we back that shit up (the DB contents) to machinery that we control. We also have a means of re-deploying/rebuilding if necessary; sure it takes time, but it's better to have it and not need it...
Hell, even the babies waiting to be eaten by dingoes objected.
Are they peaking because nobody wants them, or because nobody wants to make them?
It's because they're as expensive as hell for their size, are mostly (but not always) gutless on hills and under a full load, and they originally didn't deliver the fuel savings as originally promised.
There's also that whole 'gotta replace that uber-expensive-battery-pack-in-7-to-10-years-or-so' bit...
At least with a gas engine, you have some hope of stretching the car's useful life to 15 years these days.
You're making bad assumptions, and completely skipped the "(they have some sort of deal going now where..." part. Even w/o the little sale, the "value" menu that most have will land one person a burger and fries for $2, plus whatever kool-aid/drink stuff is lurking in the fridge at home.
As for the gas: in an old crap-mobile where 15 mpg is the norm, and at current prices of nearly $4/gal average, you'll burn over a gallon of gas driving 20 miles round-trip in stop-and-go traffic - if anything, I was being generous on that bit.
However, there's also a relatively significant Portland in Maine so in that case it helps to specify.
We've heard about the one out there in Maine, but most of us here in PDX think it's more myth and legend than an actual town. ;)
( Fun trivia bit: the one here in Oregon was actually named for the one in Maine. The founders of our fair city had a coin toss to determine who named the town, and the winner was from Maine. If he had lost, I'd be typing this from Boston, Oregon.)
DOUBLE the poor persons food budget and they can start to eat better. Also put a big ass tax on Fast food places that sell utter crap like McDonalds and Taco Bell. They prey on the poor with their $1.00 menu.
Err, dude - there's a bit of tautology in that quoted bit up there... taxing MickeyD's won't help the poor stretch their food budget.
Mod his ass up ^^^
As someone who grew up poor, I can tell you first-hand that pricing and neighborhood conditions conspire nicely to prevent you from eating anything that isn't processed to within an inch of its existence, or isn't basically crap food.
I think the only exception I've seen is the heavily Latino neighborhoods, where, against most odds, the local Mexican grocers and meat markets actually do provide decent and fairly nutritious foods ("fresh" is still a trial to get, but at least it's better than the local Mickey D's.)
Poor people are fat because they dont eat properly.
Actually, it's because they don't have much choice in what to eat...
Consider that you only have $10 to feed your family, and just came off-shift at your minimum-wage job.
You can either buy:
- a McMeal on the way home from work (they have some sort of deal going now where you can get 4 burgers, some fries, and 4 soft drinks for $9.99)
- a couple of Pepperoni Little Caesars' pizzas, again on the way home from work
- burn $5 or so in gas to get proper food at the nearest decent grocery store 10 miles away, and spend an extra $8 doing that
- spend $15 at inflated prices for nutritious food (though it's slightly old) at the nearest bodega/grocer/phone-card/payday-loan store,
- buy two heads of organic free-range vegan-gods-approved broccoli for $8 at the nearest Whole Payche... err, "Foods" roughly 15 miles away (burning $5-6 in gas)
- Wait until Thursday, where you can drive 20 miles to the Farmers' Market in the ritzy part of town and spend $25 for that same family meal.
Thing is, most poor neighborhoods usually don't have decent grocery stores. Why? Because most grocers don't like losing shedloads of money due to food-stamp/EBT fraud, shoplifting, robberies, etc. This means what groceries do make it there are either non-fresh, at highly inflated prices (to offset the aforementioned losses), preserved-all-to-hell in cans or boxes, or at a very limited selection. Or, you can save on cooking and grab some fast food, like most folks do, and as a bonus the kids don't bitch and moan as much about eating it.
It's a set-up for obesity.
...and an Alaskan volleyball player.
If she's cute, you may just get most of /. to vote for your proposal (hot grits petrification optional).
urgh - formatting sucks:
The ** up there means I'd be the perfect demographic for TFA, in spite of being registered as "no party" in my state. My religious persuasion is shared with most Hispanic folks, so yeah - I can see 'em bugging the hell out of me to follow whatever soundbites they want concerning immigration. Again, and I reiterate: I'll do my own thinking and actions, so fuck them.
1) You're full of crap, because BOTH parties don't like anyone who isn't a lobbyist or fundraising donor.
2) This is a dangerous precedent, no matter who does it or they target - I get enough political spam as it is. Last thing I need is for a bunch of politically-motivated ideologues to harass me in a targeted way** because they think I might be a useful-but-unwitting pawn in their efforts. If you think this will stop with some party faction looking for like-minded people, you're deluded. Next they'll reach out to independents and no-party types, and possibly even further out.
3) As a result of 2: Fuck that, and fuck them.
Pretty much - I remember waaaay back to 2000-2001 when some contractor shared photos online of Microsoft buying Apple G5 PowerMac desktops by the pallet-load.
('course Microsoft showed no class at all in their response by firing the guy, but...)
I figure Juniper will likely rethink their VAR relationship with Cisco's front company, though.
If insurance is your only beef, then like sibling said - most insurance companies can offer an "Uber" rider for a couple extra pounds/euros each month, and that's that.
Otherwise, I do have a question: why the demand for "commercial insurance" in the first place? If you and your rider get in a wreck, you're the driver, and would theoretically face the exact same liabilities as a commercial driver would - prolly less, since the plaintiff would be more likely to jack up the monetary demands against a commercial taxi. Also, most auto insurance setups actually do cover the passengers in your vehicle should they get injured, so, well - what's the beef?
If the rider gets injured, sure he can sue you - just like a hitchhiker could, or a friend riding along, or anyone really. If you're signing on to drive someone around, that's the risk you accept. One caveat, though: if the rider signed a waiver online that lists the risks, and requires him to acknowledge and agree to them before ordering a ride, he very well wouldn't have much of a case unless the driver were drunk or high or etc.
You have 100s of machines, dozens of employees, who need legitimate access. How do you share the passwords on all those machine?
Is your solution cost effective? Does it account for areas with bad reception?
An RSA token and remote password server with a VPN tunnel connecting the two would suffice (all ATMs have to contact the bank *somehow* - even in a daily batch mode - else they cease to function as an ATM). Failing the VPN connection, just use a modem connection with strict ACLs at the bank's side. An initial setup can even be rigged to change the default passwords while're you're customizing the thing to add the bank's logo and suchlike.
You could have the ATM guy plug the USB stick in which updates/changes the passwords and suchlike every time he arrives to load the thing up with cash.
This isn't rocket science - it just takes a bit of forethought and execution.
Plus, if you made 10K a week keeping your front door open, but you spent 30K a year replacing any stolen item, would you lock your door?
Bad analogy for two reasons:
1) having a basic password/access policy in place wouldn't "lock your door" and keep customers out
2) customers would never notice that you have a secure password/access policy in place, but they'll damned sure know it when you don't and someone decides to exploit the lack thereof - this means $10k/wk would instantly drop to a fraction of that once a breach is known about (and banking regulations require that yes, you do inform your customers if you have one), and if the bank is small enough, would likely destroy the bank entirely.
I'm not even mildly surprised that this was possible.
Not at that I'm not... what I am surprised at is the fact that the bank didn't immediately have the kids locked-up and headed for a lifetime of prison.
No, they are not. A tariff is a tax applied ONLY TO AN IMPORTED ITEM.
You said, and I quote: "...based on where the parts are from."
Chinese parts are (wait for it...) imported, just like Chinese whole items/goods are. They are also taxed equally unless a treaty or trade agreement dictates otherwise, but that's an internal legislative affair.
A tax applied to ALL ITEMS, is simply a tax and TOTALLY LEGAL PER ALL TREATIES.
In other words, you're applying a universal tariff on all items inbound from China. You do know that a tariff is simply a tax "based on where the parts are from", right?
Maybe I'm misunderstanding what it is you;re trying to express, but if it moves internationally and is taxed due to country (or even region) of origin, then it's a tariff.
BUT, the right way to solve this is to put a single level VAT (just between wholeseller and retailer; along with any delivery trucks ) in which goods are taxed based on where the parts are from.
We, umm, call those things tariffs.
Nice assumption of what you think I saw in the show, but no dice for you. But, in the interest of making burger out of your sacred cow...
My big complaint with the Simpsons is that the characters have become flat stereotypes. For instance, Lisa went from uber-precocious idealist little girl down to the very model of a hipster liberal douchebag - the same kind that I see (and occasionally work with) every day in downtown PDX. The rest have similarly flattened down to the same two-dimensional ultra-predictable 'personalities' that most sitcoms desperately feature with each new TV season. I sample the episodes occasionally nowadays, and I can predict the damned ending by the first commercial break... and that my friend is why I can say with full confidence that they've jumped the frickin' shark.
As someone who has read and appreciated Groening's comics since Life in Hell (long, long before The Tracy Ullman Show aired the earliest episodes of Simpsons), I appreciate his early stuff a whole hell of a lot more than the later stuff - and have no desire or need to take in anything he's done since 2000 or so, due to the fact that it's a lot like discovering that one's favorite soda has gone flat (with the exception of the first few seasons of Futurama, which comprised a brilliant burst of awesomeness in an otherwise fading creative universe).
The Simpon's for instance could have been cancelled a few years ago, but the actors realized they could be replaced, and I guess having work at half the rate of sitcom actors was better than having no work at all.
could have? More like should have. That poor shark probably has Matt Groening's footprints all over its back in multiple paths by now...
Sadly I have to agree. All the strips that have been around for a while are on auto-pilot, coasting along on their fame. The creators are putting zero effort into them.
I'm not sure if it's just recycling gags, or if it's just that the gags were mind-blowingly awesome in the time and culture of their prime, but have since faded right along with the times and culture in which they were spawned.
Take Dilbert for example. When it came out (in the 1990s, y'all), it was a badass tour-de-force that ripped right into the buzzword bullshit culture that corporate America was at the time. As long as that culture was prevalent**, the overall meme was fully relevant, and it resonated deeply with the cubicle-dwelling audience. Fast forward to today, where much of that has faded - and with it, the whole basis of humor behind Dilbert has sort of faded with it.
Beetle Bailey (mentioned way earlier) is similar - it's based on frickin' army humor from what - maybe WWII? When it rocked the funny pages, most of the audience was either in the military or a veteran thereof, so the gags and storylines instantly resonated. All the gags and storylines in Bloom County resonated with the Reagan era, and would be way non-relevant today.
** in many cases it still is relevant today, but really - not nearly as much as it was back then, when every fiscal quarter brought the employees a new mandatory box that we were forced by policy to think outside of.
Nah - Watterson's style was definitely there (that, or someone was awfully damned good about it...)