Great, another thing to add to my checklist. All "letsencrypt" root CA certs must be checked for and removed, if present, before logging onto an SSL site.
Why do home devices need to have trusted SSL certs? They are not web facing, and if they have remote capabilities they are typically routed through a service provided by the manufacturer. There is no reason to go through the trouble of key generation and registration against a global root CA.
Besides, how is a global root CA supposed to verify the connection to a device on a non-routable IP/Subnet?
It doesn't matter how much Apple charged for a product. What matters is how much demand Apple created for such a product. And what expectations Apple set for the product. Also, my "2nd gen" iPod Touch was $200 when I bought it. So, Apple was at the sub-$300 price point eary on.
Never got headaches, but those squeling monsters called CRTs nearly drove me nuts. Sounded something like a tea kettle warming up. I could tell when a television was powered on or not just by the sound of it. Wondering how long before my hearing goes and I can only hear normal noises.
The parent (or great-great-great-grandparent) mentioned China's high loss rate as being a significant contributor to the numbers. He did mention it was used to contrast the negligible by comparison numbers of US ships sunk.
I was just pointing out that 360 sunken ships per year doesn't seem like a drastically unrealistic number in the wake of 5,419,000 car crashes in the US in 2010. Which being a stastistic for the US only, is significantly lower than the global number of accidents. Not all ships being big ships, and not all sunken ships being newsworthy. I wouldn't expect that number to exceed 500 annually, but 360 doesn't sound too unreasonable. At least unless I owned a ship, and that being the only ship I owned, then one would be an unreasonable number, unless I was also wealthy.
But yeah, 50 a year does seem to be about on target.
Walmart had an system where sick leave would accrue over time, and eventually convert to PTO at a fraction of the time. I think I had a months worth of sick leave, a weeks worth of PTO, and two weeks paid vacation when I quit.
So many here are claiming the OLPC created the market, but it existed before the OLPC, and it still barely made ground after the ASUS Eee line. It was the iPad and iPod Touch which truly sparked the sub-$300 computing market, by breaking it free of the Microsoft Windows operating system.
The Walmart $300, $500, $800 price point system has been around for a long time. I'm sure it existed when I was employed with them back in 2006. Of course no savvy tech would even consider what the $300 price point offered. 1 hour battery, previous gen processor, smallest still manufactured hard drive, insufficient RAM, 13"-14" cheap LCD. Back then it was most likely a bottom of the barrel Acer. Though, Vista may have created that $300 price point by causing manufacturers to dump low end hardware with Vista Starter Edition at or below manufacturing costs.
No security does not mean no crime, but it also does not indicate that a crime occured.
How can one break a law which does not exist? For a law to be broken there has to be some indicator of an attempt to bypass restrictions. Accessing publicly available information in accordance with previous means supplied (the URL), does not indicate an attempt to bypass or circumvent restrictions. The situation here would be like saying finding a library book by using its letter of the alphabet and classification instead of requesting assistance from the Librarian.
This is where I see the line of thinking which led to the charges.
Suit#1: We've just learned some kid has been maintaining an archive of documents from our server.
Suit#2: So?
Suit#1: Some of those documents were not supposed to be published to the public.
Suit#2: Alright, so we need to have him delete those documents.
Suit#1: He's a teenager. Who knows where or to whom he's sent those documents? Also, he may not know how to scrub the bits from the drives, simply deleting files does not prevent their recovery. If word gets out that he had that information, other parties may be able to secure that information from his machine. He may already be infected with malware and leaking the data. We do not have control over that machine.
Suit#2: We need to get control of that machine.
Suit#1: That will require a warrant, which will require criminal charges.
Suit#2: Charge him with hacking, get the data secure and the situation contained and under control, and we'll sort out the details later. It is better to beg for forgiveness than to ask for permission when dealing with unknown and untrusted parties.
What we're trying to accomplish in I.T. Is to make data available and accessible to those making the decisions, this includes the maintenance of keeping the servers secure and operational.
The C-Levels provide the vision, the next level down researches the cost and proposes solutions to achieve the vision, and then the monkeys at the bottom do what can be done with whatever resources have been allocated.
It really helps if there is some communication all the way up and down the chain as to how well a solution has panned out, and/or whether adjustments need to be made, or speeches need to be made.
It also helps if the C-Levels either understand technology and the trends in technology, or trust the opinion of their high level I.T. Department, in order to better formulate what needs to be included in the vision for the companies future.
"Most large companies" seems like a high estimate.
I think the market a company is in determines the complexities and therefore security needs of its website.
YouTube for instance would seem to require less in the way of security than say Aflac or Equifax. YouTube is not trying to protect most of the data it contains, as most of it is publicly available through the site itself, especially before it began officially housing licensed content (music videos). Much of YouTube's data has little value outside of YouTube. While Equifax contains and serves a significant amount of sensitive data to businesses over the Internet everyday. Everything that Equifax collects has to be made available to some questionable third party for decision making purposes.
Other large businesses, ones that make money on commission, and/or in-person transactions, have little incentive to provide a self-service interface for their clientele.
Are we talking Facebook, or a Facebook page?
Everybody needs a website, but not everybody needs a website with a database of private information that is accessible to the public.
Secure Boot protects against malware and malicious hardware, as well as teenagers with Linux on USB thumb drives bypassing security altogether.
Together they are supposed to make it impossible to bypass or break the core things, which is supposed to make a computer more secure.
Of course adding security breaks things. Such as open source drivers for hardware for which drivers do not exist. Which means that those needing exemptions to the security will lose both, not just one or the other. Reducing security overall.
Secure boot ensures that the kernel can't be modified prior to boot. Thus it eliminates a false sense of security. The goal is to ensure that an attacker with temporary physical access to a machine cannot compromise it fully.
The question is what need or benefit is gained by having these two features intrinsically linked on the back end?
"This discussion is over until you give an actual honest-to-goodness reason for why you tied the two features together. No more "Why not?" crap." -Torvalds
Linux is a distribution by users, for users. So the individuals you are locking down are the developers and future developers of the operating system.
"Keeping the bad guys out" is a nanny state problem for for-cost operating systems. You can tie secure boot and kernel lockdowns together if you want to outsource your I.T. to a third party or for-cost developer.
The rest of us what to know what the difference is between what secure boot protect, and what kernel lockdowns protect. As well as to be able to enjoy our hobby without having to get a degree in cyber security to sign a kernel every time we want to try out a new OS or distribution.
This has come in handy from time to time when troubleshooting remote locations. Can't remote into a PC over a WAN connection to fix a modem, call the ISP and tell them to fix it. Account authentication is. B*tch, but still quicker than either having the ISP dispatch a tech, or me driving two states over to fix the problem.
The inference is that sustainability is of greater benefit than privacy. With privacy, nobody will know you starved or froze to death, or even just lost you're house.
Finding another job isn't always as simple as putting in an application. Many of the highering paying jobs are quite specialized. The jobs available are few, so there are few experienced workers, and the workers with experience in those fields get paid a substantially higher pay than they would otherwise.
Or, alternatively, be something worth porting to or developing for. If you want to be an X11 killer, then be something that kills the X11 software library.
Perhaps part of the problem is thinking in exact and precise. Requiring some absolute boundary between what is and is not life, between what is and is not consciousness.
Perhaps these things should be thought of more like temperatures. Similarly, don't know what hot is, and we don't know what cold is, unless we define cold as absolute zero. However, we know when things are cold to us, and we know when things are hot to us. Temperatures are relative. 78 degrees is hot to some people, and cold to others, and for many there is an abigious quality which we call lukewarm.
Likewise consciousness is relative, with humanity being of the strongest known degree of consciousness. Rocks being the least known degree, and therefore is whatever is the opposite of consciousness.
Slashdot Mirror
Great, another thing to add to my checklist. All "letsencrypt" root CA certs must be checked for and removed, if present, before logging onto an SSL site.
I think the parent of your comment was saying we need the current system. Given that the GP's goals are pure fantasy.
Why do home devices need to have trusted SSL certs? They are not web facing, and if they have remote capabilities they are typically routed through a service provided by the manufacturer. There is no reason to go through the trouble of key generation and registration against a global root CA.
Besides, how is a global root CA supposed to verify the connection to a device on a non-routable IP/Subnet?
Late reply,...
It doesn't matter how much Apple charged for a product. What matters is how much demand Apple created for such a product. And what expectations Apple set for the product. Also, my "2nd gen" iPod Touch was $200 when I bought it. So, Apple was at the sub-$300 price point eary on.
Never got headaches, but those squeling monsters called CRTs nearly drove me nuts. Sounded something like a tea kettle warming up. I could tell when a television was powered on or not just by the sound of it. Wondering how long before my hearing goes and I can only hear normal noises.
The parent (or great-great-great-grandparent) mentioned China's high loss rate as being a significant contributor to the numbers. He did mention it was used to contrast the negligible by comparison numbers of US ships sunk.
I was just pointing out that 360 sunken ships per year doesn't seem like a drastically unrealistic number in the wake of 5,419,000 car crashes in the US in 2010. Which being a stastistic for the US only, is significantly lower than the global number of accidents. Not all ships being big ships, and not all sunken ships being newsworthy. I wouldn't expect that number to exceed 500 annually, but 360 doesn't sound too unreasonable. At least unless I owned a ship, and that being the only ship I owned, then one would be an unreasonable number, unless I was also wealthy.
But yeah, 50 a year does seem to be about on target.
Being understaffed saves money.
Walmart had an system where sick leave would accrue over time, and eventually convert to PTO at a fraction of the time. I think I had a months worth of sick leave, a weeks worth of PTO, and two weeks paid vacation when I quit.
Well, with a population of 7+ billion, 360 ships sunk per year is not an astounding or impossible number.
It likely all depends on how one classifies what is a ship, and what is merely a watercraft and/or boat.
To answer your question about bonuses, if I saved a company that much money, I would expect to accrue it at a rate of 0.0000001% annually.
Winner, winner, chicken dinner.
So many here are claiming the OLPC created the market, but it existed before the OLPC, and it still barely made ground after the ASUS Eee line. It was the iPad and iPod Touch which truly sparked the sub-$300 computing market, by breaking it free of the Microsoft Windows operating system.
The Walmart $300, $500, $800 price point system has been around for a long time. I'm sure it existed when I was employed with them back in 2006. Of course no savvy tech would even consider what the $300 price point offered. 1 hour battery, previous gen processor, smallest still manufactured hard drive, insufficient RAM, 13"-14" cheap LCD. Back then it was most likely a bottom of the barrel Acer. Though, Vista may have created that $300 price point by causing manufacturers to dump low end hardware with Vista Starter Edition at or below manufacturing costs.
This needs an upvote.
No security does not mean no crime, but it also does not indicate that a crime occured.
How can one break a law which does not exist? For a law to be broken there has to be some indicator of an attempt to bypass restrictions. Accessing publicly available information in accordance with previous means supplied (the URL), does not indicate an attempt to bypass or circumvent restrictions. The situation here would be like saying finding a library book by using its letter of the alphabet and classification instead of requesting assistance from the Librarian.
This is where I see the line of thinking which led to the charges.
Suit#1: We've just learned some kid has been maintaining an archive of documents from our server.
Suit#2: So?
Suit#1: Some of those documents were not supposed to be published to the public.
Suit#2: Alright, so we need to have him delete those documents.
Suit#1: He's a teenager. Who knows where or to whom he's sent those documents? Also, he may not know how to scrub the bits from the drives, simply deleting files does not prevent their recovery. If word gets out that he had that information, other parties may be able to secure that information from his machine. He may already be infected with malware and leaking the data. We do not have control over that machine.
Suit#2: We need to get control of that machine.
Suit#1: That will require a warrant, which will require criminal charges.
Suit#2: Charge him with hacking, get the data secure and the situation contained and under control, and we'll sort out the details later. It is better to beg for forgiveness than to ask for permission when dealing with unknown and untrusted parties.
What we're trying to accomplish in I.T. Is to make data available and accessible to those making the decisions, this includes the maintenance of keeping the servers secure and operational.
The C-Levels provide the vision, the next level down researches the cost and proposes solutions to achieve the vision, and then the monkeys at the bottom do what can be done with whatever resources have been allocated.
It really helps if there is some communication all the way up and down the chain as to how well a solution has panned out, and/or whether adjustments need to be made, or speeches need to be made.
It also helps if the C-Levels either understand technology and the trends in technology, or trust the opinion of their high level I.T. Department, in order to better formulate what needs to be included in the vision for the companies future.
"Most large companies" seems like a high estimate.
I think the market a company is in determines the complexities and therefore security needs of its website.
YouTube for instance would seem to require less in the way of security than say Aflac or Equifax. YouTube is not trying to protect most of the data it contains, as most of it is publicly available through the site itself, especially before it began officially housing licensed content (music videos). Much of YouTube's data has little value outside of YouTube. While Equifax contains and serves a significant amount of sensitive data to businesses over the Internet everyday. Everything that Equifax collects has to be made available to some questionable third party for decision making purposes.
Other large businesses, ones that make money on commission, and/or in-person transactions, have little incentive to provide a self-service interface for their clientele.
Are we talking Facebook, or a Facebook page?
Everybody needs a website, but not everybody needs a website with a database of private information that is accessible to the public.
Kernel Lockdown protects the kernel.
Secure Boot protects against malware and malicious hardware, as well as teenagers with Linux on USB thumb drives bypassing security altogether.
Together they are supposed to make it impossible to bypass or break the core things, which is supposed to make a computer more secure.
Of course adding security breaks things. Such as open source drivers for hardware for which drivers do not exist. Which means that those needing exemptions to the security will lose both, not just one or the other. Reducing security overall.
Secure boot ensures that the kernel can't be modified prior to boot. Thus it eliminates a false sense of security. The goal is to ensure that an attacker with temporary physical access to a machine cannot compromise it fully.
The question is what need or benefit is gained by having these two features intrinsically linked on the back end?
"This discussion is over until you give an actual honest-to-goodness reason for why you tied the two features together. No more "Why not?" crap." -Torvalds
Linux is a distribution by users, for users. So the individuals you are locking down are the developers and future developers of the operating system.
"Keeping the bad guys out" is a nanny state problem for for-cost operating systems. You can tie secure boot and kernel lockdowns together if you want to outsource your I.T. to a third party or for-cost developer.
The rest of us what to know what the difference is between what secure boot protect, and what kernel lockdowns protect. As well as to be able to enjoy our hobby without having to get a degree in cyber security to sign a kernel every time we want to try out a new OS or distribution.
This has come in handy from time to time when troubleshooting remote locations. Can't remote into a PC over a WAN connection to fix a modem, call the ISP and tell them to fix it. Account authentication is. B*tch, but still quicker than either having the ISP dispatch a tech, or me driving two states over to fix the problem.
The inference is that sustainability is of greater benefit than privacy. With privacy, nobody will know you starved or froze to death, or even just lost you're house.
Finding another job isn't always as simple as putting in an application. Many of the highering paying jobs are quite specialized. The jobs available are few, so there are few experienced workers, and the workers with experience in those fields get paid a substantially higher pay than they would otherwise.
Or, alternatively, be something worth porting to or developing for. If you want to be an X11 killer, then be something that kills the X11 software library.
A refresh of the same LTS doesn't typically require a reboot on Windows either.
Going from 17.10 to 18.04 does, which would be the equivalent of Fall Creators to Spring Creators.
Perhaps part of the problem is thinking in exact and precise. Requiring some absolute boundary between what is and is not life, between what is and is not consciousness.
Perhaps these things should be thought of more like temperatures. Similarly, don't know what hot is, and we don't know what cold is, unless we define cold as absolute zero. However, we know when things are cold to us, and we know when things are hot to us. Temperatures are relative. 78 degrees is hot to some people, and cold to others, and for many there is an abigious quality which we call lukewarm.
Likewise consciousness is relative, with humanity being of the strongest known degree of consciousness. Rocks being the least known degree, and therefore is whatever is the opposite of consciousness.