Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.
In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.
Who thought having this capability was a good idea?
The same people who invented JavaScript?
Or major developers like Mozilla and LibreOffice Microsoft and ...
The list could go on forever. The point of this functionality is that, as users, the programs we run can immediately be patched with the latest updates so that security threats, when discovered, can be mitigated immediately. Consider that Apple might sit on an update for several weeks while it reviews changes. At the same time, the user is exposed to the security vulnerability that the developer is attempting to close.
I completely agree that this is not without serious risk. Users are going to be exposed to the possibility that these hot fixes are dangerous per se and could expose the user to malicious behavior. However, the upside is tremendous and to not recognize that possibility is short-sighted.
Fascinating post. I was wondering if you had any links or reference material that describe such an "encrypted VM" -- I would love to learn more about it!
Thanks for such a great post. I really found it incredibly fascinating!
Wow. This is why I read Slashdot. I wish that I had mod points to give you for this answer. I'd never heard of such a technology but I am certainly going to look into it now. Thanks for posting this.
Will
PS: Sorry for reposting. I accidentally posted as AC the first time!
I know it's behind a paywall, but the WSJ had a very interesting article about China's implementation of Social Credit:
China’s New Tool for Social Control: A Credit Rating for Everything
They are apparently having a significant amount of trouble actually implementing the system because of the sheer amount of data.
Apparently Ant (div of Alibaba) is playing a pretty big role in this, too:
A credit-scoring service by Alibaba affiliate Ant Financial Services—one of eight companies approved to pilot commercial experiments with social-credit scoring—assigns ratings based on information such as when customers shop online, what they buy and what phone they use. If users opt in, the score can also consider education levels and legal records. Perks in the past for getting high marks have included express security screening at the Beijing airport, part of an Ant agreement with the airport.
This is exactly the type of project where "Open Source" needs to figure out a business model. There needs to be a way for people working on a "very important project" to be able to make a living without selling into corporate interests that might otherwise change the organization's mission.
There are plenty of examples of software that "needs" to be supported without being owned by a corporate interest. OpenSSL comes to mind (and they are now getting support from the Core Infrastructure Foundation, which is great!).
I hope that Kodnik is able to find support so that he can continue working on this project. As everyone here seems to think (and I agree), this is a very important project and it would be a shame to see it go away.
Will
There were already rumors that this would happen:
http://www.wsj.com/articles/russia-may-block-linkedin-if-company-loses-court-case-on-personal-data-law-1478775414
Russia is asking that user data about its citizens be stored in the country exclusively. This is not unlike what the EU is asking under their new privacy laws.
I will add my voice to this conversation: I am a CS undergrad/grad and total geek. I am their prime audience in every way except one:
I have not played a video game since HS when I played Starcraft over dialup.
And yet I listen to a nightly SiriusXM radio show about esports and I follow them rabidly.
I agree with other commentators that in this instance I am somewhat like a person who has never played a particular sport but will still have an interest. I don't race cars, but I love F1. I don't play tennis, but I love Roger Federer.
There is an audience outside gamers. But, whether it can be harnessed is another thing entirely.
Here is some information about a demo that Barclays gave of Corda:
http://www.coindesk.com/r3-corda-demo-barclays-distributed-ledger/
It would appear that the banking consortium R3 is going to build a platform on top of Corda. They are going to name that platform Concord and the WSJ has an interesting blog post about how it all works together:
http://blogs.wsj.com/moneybeat/2016/08/24/a-closer-look-at-r3s-concord/
It's *possible* that this could be a way to get the jurisdiction (using property) over someone who is not in the territory. If the suit is about property and that property is within the territory then they can have jurisdiction and service can be published that way. If he doesn't show up then the default judgment will go forward and the attached property will go to plaintiff.
Pennoyer v Neff
I was initially fooled by this article. I thought that the AAPS was a "legitimate" interest group. It turns out that I may have been mistaken:
http://www.motherjones.com/politics/2009/11/tea-party-doctors-american-association-physicians-surgeons
I hope that someone else finds that as interesting as I did.
I know that this is not insightful or interesting or modworthy, but I am so mad at the prospect of Google's actions here that I am taking the time to post.
The *only* reason that I bought a) an Android-based device and b) a Nexus is because I value a "pure" option. I have been fooled by Google several times already -- the Galaxy Nexus and the Nexus 5 -- when they decided that they were no longer going to support software updates on those devices. That decision has forced me to upgrade earlier than I originally planned. However, I bit the bullet because I knew that I could get something comparable (sw-wise) with better hardware performance.
This change, however, might be the straw that breaks this camel's back. I hope that I/we are wrong about their plans for the upcoming device. I've been looking forward to this new release but now I am really apprehensive.
Will
Of course I stupidly misspelled his name. It's Garrett. Sorry Matthew!
If you want to keep up with a very smart person who does some really interesting analysis on the security of "smart" devices, try Matthew Garret. He posts most of his findings in conversational format on Twitter at @mjg59.
You can see more of his "reported" results on his website at http://mjg59.dreamwidth.org/.
Enjoy!
Notice what's even more funny: the name of the department doing the operation is the Kleptocracy Asset Recovery Initiative.
WOW!
I wish I had mod points to recommend this. Thank you for writing so succinctly about how the "safety" of Rust is not based on a runtime sandbox but rather on compile-time analysis that determines which operations are inherently unsafe and which are safe. While Rust advocates compare their safety constructs with those that Java attempts to provide, they are achieved completely differently. Thanks again for pointing this out.
They just responded to this issue on their blog:
https://www.teslamotors.com/blog/grain-of-salt
Interesting how they call out the author for his previous "death watch" on the company.
As usual, there are three sides to every story: yours, mine and the truth.
Will
Wish I had mod points. Thanks for posting this. Great information!
Will
Speaking of Dropbox and Python, Guido gave an excellent talk on the History of Python at one of their techtalks. You can view it online:
Guido van Rossum on the History of Python
What they did is in violation of the DMCA -- not that I agree with the DMCA, but the law is the law. Malum prohibitum -- they are criminals.
Will
A really neat class at the University of Virginia:
A report describing the class' pedagogy: Defense Against the Dark Arts
and a link to the current class website: Online syllabus
They have this great program accessible at http://codesnippet.research.microsoft.com/ that allows you to do context-sensitive code completion directly from the q/a coding sites. Pretty neat stuff.
There are researchers at UVa doing similar things: Report.
Well, all that disruption was bound to reflect back. I mean, when you mess with the bull sometimes you get the horns.
I made myself laugh with the number of cliches I've managed to weave into this dense, trite post.
Will
Even if Google wanted to be part of the solution (and since they view the user's privacy as their product that's a big assumption) their inability to control OEMs makes me want to abandon them for Apple. That's saying something since I absolutely deplore the manufacturing standards that Apple upholds w.r.t. their contract factories like Foxconn, but I think that it's something that we are going to have to start thinking about in the future!
Will
You absolutely can and should expect them to be true to the deal. It's not that they did not know there was a risk of "the math" changing.
Plus, it wasn't the terms of the deal that changed. It was their misread of the economy. Not the city's fault.
All of this is very interesting, especially in the context of D.C.'s recent dealing with WalMart. The council agreed to let WalMart build supercenters agreeing to increase in minimum wage in exchange for their promise to build some stores in food deserts. Then, lo and behold, WalMart said that the economic conditions would no longer make it possible for them to build the grocery stores in those locations after they already built the ones that they figured would be profitable.
Washington Post coverage
"Fool me ... won't get fooled again."