that terrorists figure out how to intentionally create misleading files on their computers and send out such files to 10000 random people in order to jam the system.
If someone is a pedophile, however, if they act on that impulse and molest children, obviously that's quite harmful to the child and his/her development and psychology.
If they are pedophile AND act on that impulse. If people act on impulses they are dangerous without being pedophile.
and nothing new. You pay a little premium not to be disconnected as soon as somebody sends a legal request. Not reacting to something like that is what their customer pays for.
Never heard of these before,. and i am pretty sure that wont like these.
Accessing HW busses is nothing which should be passed in any non-abstracted way to the web. The focus of the web (transmitting asynchronous, stateless, hardware abstracted information) could not be further apart from GPIO pins.
And so is this project from the core business of mozilla.
To have reached this figure (11 billion hours in December, apparently) Microsoft must have been logging individuals' usage times
Plainly wrong. there are many other ways to come to such a number without logging every bodies time individually.
The simplest way would be (given that they actually get events identifying usage from individual users to plainly add it up to a single counter for all users and discard the individual events.
A even more privacy-protecting way would be to use some statistical sampling together with data which MS has to get to do their job. I would be thinking that the data from the updates would yield a pretty accurate number on the system uptime (after some statistical crunching).
Last but not least-remember that this is a marketing text and not a science paper - would be an estimation based on "best guesses". Anyhow a figure like 11 billion could variy dramatically if you count breaks where the user walk away from the machine or not.
Some of the things listed are valid, some not (like updates breaking the boot process - i experienced that once in the last 15 years of continuous linux use. OTOH I use debian (based) distributions for stability.
Well i have seen people placing constructs which "propagate" nulls in data structures...... (not that i am a fan of this, i would have liked to make guy swallow his keyboard). The strategies can to do so can be funny.
Tell me if something about my definition is unusual:
White-hat: only cares for ethics, does not want money Black-hat: only cares for money/power. is not concerned about ethics Grey-hat: accepts that he gets money/power/advantages for his skills, but only within his ethical boundaries.
Please tell me why i should not consider this guy a white-hat (tipping off journalists is *not* publishing). Side remark: While responsible disclosure is reasonable, i understand (given the reactions of companies) that younger and more impatient white-hats have their issues with it.
What you talk about is a solution by a thinking human, and not "big data - the massive cloud will solve it" pixie dust.
IMO: If your system dependencies and requirement links are so obfuscated that you can not make fall-back rules by hand, i would bet there is no AI which will save you.
The conclusion in the article was that everybody who manages to hack the MS database or extorts an employee there would get access to my data. While i severely doubt that accessing the key is easily possible for an employee (i would not think so) without being noticed, there is another important point: Whoever steals my key, still needs access to my physical access to the HD (an that is the only situation in which stealing the key makes a difference: physical access, but no possibility to manipulate the OS before).
That would be (1) thieves (2) anybody who buys the device witout being wiped correctly (3) anybody who finde the device after being lost (4) law enforcement (with court orders) (5) intelligence service (in the gray zone)
1-3 probably wont get access to the key 4 at least will have to show an official document to MS to get the key (and at least make the transgression trackable, and therefore less likely that some stupid cop "just because he does not like your nose" will search the computer)
IMHO 1-4 are much more likely threats than 5.
Lets go to 5. If you are the target of an attack of any stat-level actor nowadays, i would assume that the level of precaution you have to take goes far beyond "not storing you key at MS". Dont get me wrong, i use local encryption and dont upload the key somewhere.
so the choice is * making encryption unusable to the everyday user (most likely to get victim of accidental loss/theft) since they are afraid to loose theirs keys (imagine the kind of publicity MS would get....) * accepting that law-enforcement/state-level actors still can transgress on a few selected users under substantially increased effort, but protect the average user from the fall-out of loosing his/her device
I personally thinks it's absolutely sane to choose the latter (and contrary to the statement in the article, most companies actually *do* store recovery keys centrally for Bitlocker.
If you believe that you are under treat by any western state-level actor, then trust nobody and nothing besides your own brain. The majority of the advice/ideas/hints/analysis which are reported in the tech press in respect to security are worthless shit.
In Switzerland this is used for a very small number of decisions, usually only for groundbreaking idealogical paths to choose about their national identity. The majority o laws are passed in a consensual way (In Swiss a very big consensus has to be reached before a law is passed.
I like micro instances/instances which do not occupy full physical processors at Amazon because of availability and price for low-impact/bandwidth applications. For all other use lambda or dedicated instances.
Virtual CPUs are anyway difficult to asses - to me it may be very relevant to have the 1st level cache of the core which i run on undisturbed by other applications (since changing the cache hits is a big deal for specific numerical problems), and for you 20% more share of the CPU may be important.
1% of computation time not spend in my task on a physical processor can do as much damage as 50% change in speed.
A small side remark: the price for the different VCPUs also varies.
In 2008/9/10 Untuntu was grat because they just fixed some thing which needed fixing.
from 2010-2011 Ubuntu got a little torublesome since they continued to fixing thing which did not need fixing in their own way (graphics/deskton enviroment)
after 2011 it becam unbearable since they did not even finish the things they started and neglected their core feature (stable as debian but easier to install on laptops)
That being said, i actually own two devices which had ubuntu preinstalled.
Thsi day we celebrate a big victory over the organized crime and the terrorists.
You know, since in a time when risks of human trafficking and organized prostitution of minors, and islamist terrorism in the UK seem not too far fetched, the absolutely best use of police units is to look for the terrorists of the karaoke-mafia.
Slashdot Mirror
that terrorists figure out how to intentionally create misleading files on their computers and send out such files to 10000 random people in order to jam the system.
Use Sonar or other code checkers.
After you resolve the critical things (i.e. circular dependencies) etc there, life will be simpler.
If someone is a pedophile, however, if they act on that impulse and molest children, obviously that's quite harmful to the child and his/her development and psychology.
If they are pedophile AND act on that impulse. If people act on impulses they are dangerous without being pedophile.
Now it fits to the "wearables" trend.
and nothing new. You pay a little premium not to be disconnected as soon as somebody sends a legal request. Not reacting to something like that is what their customer pays for.
to lazy to do that.
Never heard of these before,. and i am pretty sure that wont like these.
Accessing HW busses is nothing which should be passed in any non-abstracted way to the web. The focus of the web (transmitting asynchronous, stateless, hardware abstracted information) could not be further apart from GPIO pins.
And so is this project from the core business of mozilla.
To have reached this figure (11 billion hours in December, apparently) Microsoft must have been logging individuals' usage times
Plainly wrong. there are many other ways to come to such a number without logging every bodies time individually.
The simplest way would be (given that they actually get events identifying usage from individual users to plainly add it up to a single counter for all users and discard the individual events.
A even more privacy-protecting way would be to use some statistical sampling together with data which MS has to get to do their job. I would be thinking that the data from the updates would yield a pretty accurate number on the system uptime (after some statistical crunching).
Last but not least-remember that this is a marketing text and not a science paper - would be an estimation based on "best guesses". Anyhow a figure like 11 billion could variy dramatically if you count breaks where the user walk away from the machine or not.
Now we need to add The Fitfth Element to the periodic table.
No need to watch us, just the terrorists!
Some of the things listed are valid, some not (like updates breaking the boot process - i experienced that once in the last 15 years of continuous linux use. OTOH I use debian (based) distributions for stability.
Well i have seen people placing constructs which "propagate" nulls in data structures...... (not that i am a fan of this, i would have liked to make guy swallow his keyboard). The strategies can to do so can be funny.
The place where (and how) you catch nulls is very programmer-specific in my experience and often evades the style-check.
Should have made more clear that i agree with you.
Tell me if something about my definition is unusual:
White-hat: only cares for ethics, does not want money
Black-hat: only cares for money/power. is not concerned about ethics
Grey-hat: accepts that he gets money/power/advantages for his skills, but only within his ethical boundaries.
Please tell me why i should not consider this guy a white-hat (tipping off journalists is *not* publishing). Side remark: While responsible disclosure is reasonable, i understand (given the reactions of companies) that younger and more impatient white-hats have their issues with it.
What you talk about is a solution by a thinking human, and not "big data - the massive cloud will solve it" pixie dust.
IMO: If your system dependencies and requirement links are so obfuscated that you can not make fall-back rules by hand, i would bet there is no AI which will save you.
The conclusion in the article was that everybody who manages to hack the MS database or extorts an employee there would get access to my data. While i severely doubt that accessing the key is easily possible for an employee (i would not think so) without being noticed, there is another important point: Whoever steals my key, still needs access to my physical access to the HD (an that is the only situation in which stealing the key makes a difference: physical access, but no possibility to manipulate the OS before).
That would be
(1) thieves
(2) anybody who buys the device witout being wiped correctly
(3) anybody who finde the device after being lost
(4) law enforcement (with court orders)
(5) intelligence service (in the gray zone)
1-3 probably wont get access to the key
4 at least will have to show an official document to MS to get the key (and at least make the transgression trackable, and therefore less likely that some stupid cop "just because he does not like your nose" will search the computer)
IMHO 1-4 are much more likely threats than 5.
Lets go to 5. If you are the target of an attack of any stat-level actor nowadays, i would assume that the level of precaution you have to take goes far beyond "not storing you key at MS". Dont get me wrong, i use local encryption and dont upload the key somewhere.
so the choice is
* making encryption unusable to the everyday user (most likely to get victim of accidental loss/theft) since they are afraid to loose theirs keys (imagine the kind of publicity MS would get....)
* accepting that law-enforcement/state-level actors still can transgress on a few selected users under substantially increased effort, but protect the average user from the fall-out of loosing his/her device
I personally thinks it's absolutely sane to choose the latter (and contrary to the statement in the article, most companies actually *do* store recovery keys centrally for Bitlocker.
If you believe that you are under treat by any western state-level actor, then trust nobody and nothing besides your own brain. The majority of the advice/ideas/hints/analysis which are reported in the tech press in respect to security are worthless shit.
Always mind you wording in reporting of such things.
If China does it, it's oppression of liberty. If we do it, it's the fight against crime an terrorism.
But somehow i am utterly non-interested.
In Switzerland this is used for a very small number of decisions, usually only for groundbreaking idealogical paths to choose about their national identity. The majority o laws are passed in a consensual way (In Swiss a very big consensus has to be reached before a law is passed.
In my opinion a toolbox on board of an airplane is more dangerous than a gun.
then buy dedicated instances.
I like micro instances/instances which do not occupy full physical processors at Amazon because of availability and price for low-impact/bandwidth applications. For all other use lambda or dedicated instances.
Virtual CPUs are anyway difficult to asses - to me it may be very relevant to have the 1st level cache of the core which i run on undisturbed by other applications (since changing the cache hits is a big deal for specific numerical problems), and for you 20% more share of the CPU may be important.
1% of computation time not spend in my task on a physical processor can do as much damage as 50% change in speed.
A small side remark: the price for the different VCPUs also varies.
In 2008/9/10 Untuntu was grat because they just fixed some thing which needed fixing.
from 2010-2011 Ubuntu got a little torublesome since they continued to fixing thing which did not need fixing in their own way (graphics/deskton enviroment)
after 2011 it becam unbearable since they did not even finish the things they started and neglected their core feature (stable as debian but easier to install on laptops)
That being said, i actually own two devices which had ubuntu preinstalled.
You dont understand it. The round edges are the more important feature on the iphone than a working GSM/Mobile connection.
Thsi day we celebrate a big victory over the organized crime and the terrorists.
You know, since in a time when risks of human trafficking and organized prostitution of minors, and islamist terrorism in the UK seem not too far fetched, the absolutely best use of police units is to look for the terrorists of the karaoke-mafia.