As stated above, my scenario is it was dead when he started, and someone cut power back in during his work. I'm going on the assumption the tech was following good practices and that management/communication was where the fault occurred, based on the background provided in the article.
But the correct way to address that particular risk is to tie said source wires to ground with heavy cable. That way if some clown does light up the wires while you're working, the worst you're going to get is a bath of copper sparks before a breaker trips somewhere in the line. (unpleasant to be certain, but not lethal)
If I was going to be working in an environment where I was trusting somoene possibly a long distance away to keep their fingers off the knife-switch while I worked, (where driving to another location to install a lockout may not be practical) I think webbing the lines to ground while working on them is a precaution I would be consistently taking. I've read too many stories about clueless idiots blindly switching power back on when they stumble across a switch or breaker that's off.
"they offered me everything but money"... "so I still have it".
Owell. Wonder what his price is? If NASA doesn't want to cash him, maybe someone else will. If anything, barter for some of those "perks". $1000 for free lifetime tickets to usually off-limits NASA facilities would be a killer deal.
Today, some fears were allayed when it was announced that the government was not seeking to require software developers to build backdoors into their products. That said, the government said that companies should be able to decrypt 'targeted' data when required, and provide access to it.
What's the difference here? Companies like Apple are designing their systems such that they never have the key to the data. They hold the data, but have no way to access it, by design. The UK is saying they're not going to require back-doors, (presumably this means "they won't be required to provide a way for us to decrypt the customer's data") but at the same time they're saying "we should have access to the data anyway".
The only three ways I see to reconcile these two statements is to do one of: - not encrypt the data in the first place. - use worthless encryption - keep a copy of the key
Apple's current method of "we use strong encryption and don't have your key" would seem to voilate their requirement. But since the government wants to have a way in, without a back door, it means the company itself is required to have a back-door of their own built into the system, that allows the company access to your data. From there, the government can issue an NSL or something to force you to hand over the data.
So we're going from a back-door that lets only the government to have access to your data, to a "better model" that lets them have access to it, because the company also has access to it? How is this BETTER?
The 600k was the fine for non-compliance. You'd get that whether or not someone was killed. (some fines will get a bumper for injury, but not many have a bump for death for some reason)
Ret assured, there will be a multi-million dollar lawsuit filed by the family that will get settled out of court for an "undisclosed amount". (around 4 million is par) The fine was just the wakeup-call for the board to find a scapegoat to be the focus of the PR crucification and actual painful monetary loss for the impending lawsuit. The way things like this usually go, if the press doesn't dig up any real pattern of misconduct, there will probably just be someone issuing a public apology. If they do find a pattern, someone will get the axe.
Unfortunately, these places rarely get a fine unless someone is injured or killed, because nobody knows or cares about the noncomp until it hits the papers. Then the regs look bad if they don't step in and issue a fine like they ought to have done several times in the past to have, y'know, prevented this from happening in the first place.
But regardless of what happens, hopefully there will be changes made. From the looks of it, the tech that got killed was unaware that the wire that got him was energized, due to poor communication from his management, which appears to have been the result of poor communication from upper management and whoever was coordinating the work with the other group that was in charge of the deadly wire. So it's a bit early to be blaming the tech. Heck, he may have opened the box and tested it and found it wasn't connected yet and was safe to leave open, got to work, connecting it to something else, and half an hour later someone in another building lit the box up and the tech never knew what hit him. Things like that can happen when two different groups are working on connected systems and are unaware of each other and not keeping in communication as shared circuits are cut and energized.
I wonder though... at a dollar a pill... when you compare it to 750, it seems insanely tiny. But look at your bottle of ibuprofin, at $13 for 1,000 capsules, you see that even at a buck a pill they are still easily able to stay in the black.
I realize not every pill has the same manufacturing cost, but they are at least within an order of magnutude of each other for the most part. At a buck a pill, that bottle above would be $1,000. It's $13, and they're still making a margin off it. I'd be surprised if this $750 drug costs over 76 times as much to manufacture in quantity as another drug.
They're trying to recoup an R&D lost. I get that. That's OK. But they've had years to do that. That's precisely why we have patents. But when your time is up, that knowledge is transferred to the public. It's up to you as a developer to use your time wisely and recoup your investment and reap a reward for your innovation. But then you have to give it up. If you still don't feel you've managed to get enough back out of the system by that point, then you're doing something wrong, and have no one to blame but yourself.
FYI those rules are meant to apply to home devs and small time dev shops where it is nearly always far worse to write your own security than to utilise one that is professionally written.
That's half of it - getting crypto done right can be a very subtle thing, and doing something even slightly different can have an unexpected/unintended and sometimes catastrophic impact on the crypto. It's agonizingly easy to accidentally introduce bias without noticing.
The other half of that is the "many eyes make for shallow bugs" principle. Before anyone jumps, no that's not a guarantee, there have been several cases of a bug being in plain sight for years in the linux kernel for example. But as a general rule, the more people that can review the code, the fewer bugs it will continue to harbor. Unless MS's APIs are open-source (I don't know for certain but I rather doubt it!) then instead of thousands of reviewers, it's had at most a dozen serious examinations. And the notion that MS is assisting shadowy short initials isn't even a bit far-fetched. Back doors have an extremely short life-expectancy in open-source. (I've seen it happen with a rogue commit, but they get found in under a few weeks typically) No open source? No telling what's in there. It's much harder to identify a well-hidden back-door or especially an intentional bias in closed source.
It will also come in several different (subscription based) versions, offering a variety of features like Alarm, Daylight Savings, and chronograph, none of which will come with the starter version. If you don't keep your subsription up, it will start displaying "this time isn't genuine", and force you to watch an ad before it tells you what time it is.
It may have taken, even needed, apple to make tablets cool enough for the market to seriously consider them, but they don't know how to innovate and now Microsoft is using the same ads that are so effective in the demographic that usually buys Apple to sell them Surface.
Apple has always known how to innovate, the problem is it gets more difficult over a product's lifespan to find good, exciting new innovations. You start to "run out of steam". The best thing to do at that point is to come up with a whole new product and throw your innovation into that instead. The best time to do that is of course when the rest of the world has geared up and is copying your current product in its present form, with all the innovations already worked out. Can't blame them, skip the creativity, R&D, and risk, and go right to market with a safe, proven idea. But at that point it's a saturated market, and that cancels out a lot of the gains of your shortcuts. (that's been microsoft's strategy for decades now, it's low yield, but [i]is[/i] profitable if done right)
It's just time for Apple to move on. Their new target of course is the Apple Watch. I don't expect we'll see a lot of advances in the iPad department anymore, it's time for the copycats to take over milking it for what little is left there. I must admit it was pretty entertaining seeing all the smartmwatches just crawl out of the woodwork so quickly, the copycats are really stepping up their game. I'm sure we'll see an MS Watch sometime in the next few years, they don't move nearly as fast as the others. (they tend to wait for something to clearly be a success before copying it, rather than watching the rumor mills in an attempt to get a product to market in time to compete with what someone else thinks will be a hit - obviously risky)
well-said. wish i had some mod pts to give you. looks like you're in the ideal position to comment on this issue.
One thing I haven't seen addressed here is the possibility of combining tickets. I've worked help desks in several places before and used different ticket tracking systems. Most of them had the ability to take automated entries, either generated via a service desk web page or just from sending an email to the service@ address. Obviously the heuristics of filing/assigning the ticket were poor with the email route, but the online ones usually work pretty good.
The customer gets to enter in a brief description of the problem, then the form attempts to auto fill the fields. The user then has the opportunity to correct fields that were incorrectly selected.
In the end none of these systems combined tickets (that's tough for a compiuter to do) but they always sent the user a link they could click on to check ticket status. Only about 15% of users actually took advantage of this, but if you get someone that's getting upset over our response time, sitting down with them for a few minutes and training them on it (really doesn't require training, more of a hand-hold) that usually calms them right down. "no your request wasn't thrown away, yes we are still aware of the problem, no it hasn't been fixed yet, yes the right person has been informed, yes you will hear back from us when it's resolved."
Combining tickets was always a manual process. One place when I started I had over 100 tickets in the system, many of which were months old. Users would just enter a new ticket every few weeks (or days!) if they didn't physically see a problem get fixed. (did not check ticket status, maybe it can't be fixed, or we need more information than "it doesn't WORK!", etc) I spent the first few days simply combing over the list repeatedly, combining entries. Some tickets were in the system as many as 13 times, by three people. That makes the tickets a lot more manageable. It also has the effect of letting you know how many people a problem is affecting.
One improvement I didn't see was the ability for a user to look in the ticket system, FIND an open ticket for the problem they were having, and allow them to either (A) add notes, or (B) click a "ME TOO" button to add a counter to let the staff know it was affecting more people and should get higher priority. But given the average user's low ambition to even look at the status of their own tickets, sadly, this very useful feature would probably be very difficult to get into any reasonably high usage. People would much rather take the laziest approach and fire off a 20 second email, than fill out a 2 minute form, or do a 5 minute search. So it usually comes back to me to merge tickets and dedup.
IMAGINE THIS: big pothole opens up in front of your apartment, right outside the entrance to the lot. You put in a ticket. It's a residential low traffic street so it has low priority. Week or two goes by. OK... print out a note and stick it on the mailbox panel inside the apartment, "want that pothole out front fixed? go to www.mycity.com/maintenance and look up ticket #12345. Click the "ME TOO" button. If we all click that, it'll be fixed fast!" A week goes by, and five other tennants click ME TOO. The priority on that pothole goes from 1/10 to 6/10 due to having 6 complaints on it. Street department has it filled in two days later.
Reading the linked list of "company policies", I found a few snakes in the grass. Before anyone jumps and yells "You can't draw conclusions just because they're being vauge!"... YES I can, yes I will, and yes I should. These are major company policy announcements and an opportunity to add significant value to a company's products. If they're being vague here, they're hiding something or they are profoundly stupid. BOTH are good reasons not to do business with them.
Adobe Adobe has not built 'backdoors' for any governmentâ"foreign or domesticâ"into our products or services.
And thank you very much for that. Although you really don't have that much data on me or any of my information...
Amazon we oppose legislation mandating or prohibiting security or encryption technologies that would have the effect of weakening the security of products, systems, or services our customers use, whether they be individual consumers or business customers.
Um.... why didn't you have anything to say about whether or not you have back doors? Oh, probably something to do with that gag order. ok then.
Apple We also refuse to add a backdoor into any of our products because that undermines the protections weâ(TM)ve built in. And we can't unlock your device for anyone because you hold the key â" your unique password. We're committed to using powerful encryption because you should know the data on your device and the information you share with others is protected.
YEAH! That's how you do it. The article author loved that response.
Well said, just what I wanted to hear from you. You're only doing what you legally have to, and aren't just forking my data over to anyone that flashes a badge.
Dropbox Governments should never install backdoors into online services or compromise infrastructure to obtain user data. We'll continue to work to protect our systems and to change laws to make it clear that this type of activity is illegal.
In other words, we've already given in to the government and have installed back doors, but we're trying to find a legal way to get rid of them.
Microsoft As we have said before, there are times when law enforcement authorities need to access data to protect the public. However, that access should be governed by the rule of law, and not by mandating backdoors or weakening the security of our products and services used by millions of law-abiding customers. This should concern all of us.
Ditto. We're already doing it to you, but trust us, we don't like doing it, and neither should you.
Pinterest Pinterest opposes compelled back doors and supports reforms to limit bulk surveillance requests.
Are we seeing a trend yet?
Slack Slack opposes government-mandated âoeback-doorsâ of any kind but particularly a government-mandated requirement that would compromise data security.
Yes we've heard that from several of you now. I'd really rather hear about your actions than your words.
Snapchat Privacy and security are core values here at Snapchat and we strongly oppose any initiative that would deliberately weaken the security of our systems.
So do we. Which is why we don't want to do business with you either.
Sonic Finally, we are stating for the record our position regarding compelled inclusion of back doors, deliberate security weaknesses or disclosure of encryption keys. Sonic does not support these practices.
Um, the government doesn't care WHAT you do or don't support. They tell you do to it and you either take them to court or you say "yes, massa, right away, massa". Looks like another silver-tongued cop-out.
OK this is getting repetative. Here's the rest:
Tumblr Wickr Wordpress Yahoo We'll fight the laws that allow them to do so, We... urg
A US citizen has an absolute right to re-enter the country.
A sovereign country has an absolute right to defend its borders. I'm pretty sure the contradiction that arises from these two conflicting statements ends up in a loss for the citizen.
Them: "You're not leaving here until you give us your passwords."
Me: "go to hell. and while you're there, tell my lawyer to get over here pronto."
Did they notify Apple of the problem and wait before publishing the details on the exploit, to give them a chance to push a fix before releasing the information to the public? It looks like they threw out the details of the hole into the wild before giving anyone a chance to patch it?
You become a criminal when you break a law, knowingly or not, charged or not, even if no one else ever knows. That's what the definition of criminal is: someone who has broken the law.
First among the numberous problems with that statement are that (1) "when you break the law" has to be established. Someone says I picked a pencil up off this desk. Did I break the law? Is there a law for that? Does it apply to me? Was I actually the one that picked up the pencil? Are there any extenuating circumstances? Until you have addressed all of those questions and more, you cannot say I have broken the law. And that's what's missing here. They haven't even come close to establishing any law was broken. There are procedures that have to be done, and they're not complete. He hasn't even been charged yet. You must live in a very scary world where you can be considered a criminal simply because someone says you're a criminal, or says they think you broke a law.
should be illegal. OR they should remove the protection from countersuit in the event of an improper takedown for automated systems. "The exemption applies to human error. If you remove the human from the process, the safehaven no longer may be applied."
Its a similar problem to using explosives to knock down a building. Paintballs have a large enough amount of energy to take down a drone, but it's not applied in the right way. During WW2 when nations were using bombs to knock down buildings, they discovered that, somewhat contrary to common sense, using an explosive with a very fast detonation speed to produce a very string but very brief blast tended to only so supericial damage to buildings. The problem was that the mass of the building had to be overcome before you started to knock it down.
Explosives like ammonium nitrate on the other hand, have a very slow release of energy, while still containing a lot of total energy. So instead of trying to send the bricks flying airborne, which requires a lot of energy, they invest it slowly to PUSH the bricks sideways without lifting them, and shove the building over. "Work smarter, not harder".
Paintballs I think have a simiar problem of incorrect energy delivery. They're delivering all of their energy in a very small package. But when the ball hits, it breaks, and sends essentailly all of the energy-containing mass plattering in all directions, instead of transferring it effciently to the target. Anyone that's played paintball knows, "the balls that break don't hurt that much - it's the balls that DON'T break that leave bruises". 20% energy transfer vs 100% energy transfer. Stopping paint absorbs much more energy than deflecting it. Look at how the paint just parts around the sides of the drone and continues on to create a spray downrange. All that energy wasted!
If you want to use paintballs, the solution is easy. Freeze the paintballs. I absolutely guarantee frozen paintballs will be effective in bringing down a drone. Just keep a sandwich baggie of them in your freezer "in case of emergency". See a drone? Fill your hopper and encourage the drone to "chill out" and take a "break" on your lawn. Just make sure it lands ON your lawn, so it's clear to any authorities that it was in your airspace at the time. (and if it happens to land just outside... you might want to "covertly relocate" it slightly)
If the owner comes traipsing over and insists on your handing it over, refuse admission to your property. Insist that they will be charged with criminal tresspass if they enter or will not leave your property. If the neighbor kids throw a baseball and it lands inside your fenced yard, just because it's their ball doesn't give them legal right to come onto your property to recover it. Tell them to send the cops, you will gladly turn over the drone to the cops, and they can turn it over to the pilot. If they persist, don't resist, just protest and document (picture/film) the tresspass. Then regardless of how the drone thing ends, they WILL be liable for tresspass.
So leave it sitting on your lawn, guarded and covered. If they call the cops, take them to where it landed, point out the camera, turn it over, give your statement, and its all documented. The owner should get a nice dressing down from the cops before they give him back the drone.
Depending on the local laws and the particular judge though, you may be found liable for damage to the drone. Be preapred for that if you go hunting. Even if it doesn't seem fair, the law may not be on your side. If it really worries you, contact your local authorities for their official position on the matter before it comes up.
You might also go down the route "My daughter was upstairs in her bedroom changing to come outside when this drone flew by on our property at the same level, it could have been filming her through the second story window. She had an expectation of privacy that wast being violated. We demand the owner turn over any recorded footage."
>...You can be fired for discussing salary while on the clock....
To me, that sounds like an open invitation for a wrongful dismissal suit.
Not really. Except for specific restrictions provided by state and federal law, you are handing over your time to the company for the period you are there, in exchange for compensation, that's the deal you agreed to. They tell you what to do with that time, and that's what you do with it, and you get money and benefits. If you choose to do something else, you are violating the terms of your employment contract, and yes, they are legally justified if they choose to fire you for it. It's no different than insisting on playing solitaire on the computer when you should be crunching numbers in excel. You violte the terms of the contract, and they at the very least can tear it up. (they can also pursue legal action against you)
Though we live in a very litigous ("sue-happy") society nowadays. The reality is "You have the right to sue for any reason you want to, you're just not very likely to win a judgement in court for a lot of it". This falls into that category. Other factors can play in and tilt the balance too. Some companies have a known policy of going to great lengths to shut up former employees that sue to avoid bad publicity, and in those cases it can be (disgustingly) easy to get a settlement from them. So, despite "how it's supposed to work", YMMV.
A couple jobs ago I was chatting with another employee, we were discussing some "ominous signs" such as HR shredding documents like she was preparing for a parade. The topic of "giving notice" came up. The other guy said that if he found a good job somewhere else he'd walk with zero notice.
The manager overheard this and stepped in on the conversation, trying to berate us with "that's not how it's done in business, I expect you to give me at least two weeks' notice if you're going to quit!" I turned to him and said "so, how much notice will you give ME if you're going to lay me off or fire me?" (huff) (huff) (snort) is about all I got back, he couldn't even form words let alone a coherant sentence to respond to that. So I added, "I'll give you as much notice as I believe you'll give me." So rather than answer me, he just stomped away.
I don't think they consider just how much more inconvenient being unemployed is, compared to having to hire someone to replace a single employee that departs unexpectedly. For the boss, it's inconvenient. For the employee, suddenly losing their income, possibly the only income for an entire family, can be devastating. And yet they expect to be provided with notice, while providing none themselves. Sselfish, arrogant, and inconsiderate!
So everyone with a clue began job hunting. I had found new work, it wasn't nearly what I had now, but the writing was on the wall in pretty bold print at this point, so I accepted it. I showed up on a Thursday evening to start my (3rd) shift, and the gal from HR was in the parking lot with her hatch open, handing out unemployment packets. The entire center had been closed, everyone there got laid off that day, no one even was offered a transfer. I found out later that our manager had known this was going to happen for months.
My new job started on Monday. (total time unemployed - two days) Unfortunately, that's how they play the game, so that's how I have to play it too. If they don't like that, they have no one to blame but themselves, I'm just playing by their rules.
My understanding is that US law prohibits employees signing away their right to share the compensation information.
it does. A worker must be legally allowed to share their benefits (salary and otherwise) to members of their Union. But the law doesn't specifically say union, it's good for anyone.
Discussing it while on "company time" can certainly be controlled. You can be fired for discussing salary while on the clock. But once you step off the premisis, they cannot restrict that. Updating a spreadsheet stored on company servers, at work, while company time, however, is enforceable for a variety of reasons. Google could have canned the lot for that, provided it didn't violate other employment laws.
I've been chastisted by my manager for discussing salary with other employees outside of work. We explained how the law was on our side, and he simply got pissy and grumbled something about "you're not supposed to do that".
The whole point of it being that discouraging disclosure of benefits directly helps the company in negotiations. THEY know how much each employee is being paid, and they really do NOT want you to have that information, because it's leverage in the negotiations. So it's not even slightly surprising that they will try to prevent it. But as long as you do it off company time, off company grounds, and off company resources, they can't do jack. They can blowhard all they want, but there's no legal basis for action. In an "at-will state", you could still get fired for some random reason or no reason at all, but if they were foolish enough to open their mouths as to the reason they fired you, you could easily net a large payout in court. (any boss that specifically tells you why you were fired in front of witnesses is an idiot and needs to be fired themselves - too much litigation risk)
Firstly, the USB spec covers current draw up to 2 amps, typically communicated/negotiated via voltage preset on the two data pins. (wikipedia's got a good writeup on it) But considering the power the train is requiring all by itself to operate, a single light bulb could easily be drawing double what any iPad does. The variance of bad bulbs on trains would be more noticeable than the occasional charging phone.
There's already a sign up on these outlets saying "not for public use". If I were them I would add a little additional verbage, "use of this unregulated power outlet may cause damage to peripheral, train operatior is not responsible for damage caused by unlawful use" Lawyers would still maybe try to pick on it but wouldn't get much traction. There's alwayws that 1-in-a-million that pulls it off, but it's a statistical blip.
Changing the outlet covers would be expensive. You'd also have to change the vacuums etc. I'm sure there are other things they use like work lights etc. Covering the outlets would probably be effective but would end up costing more in staff time than the $$ saved in electricity, by far.
Placing the outlets on a switch would be hideously expensive. They tap into the common power rails, so new lines would have to be plumbed and a new breaker AND switch would have to be installed. No, you can't use the breaker. Breakers aren't meant for frequent use, you'd be replacing them once a year if you used them every day.
The wear and tear on an outlet would be noticeable but not bad. The trains get taken down for scheduled maintenance regularly anyway, and that's already on their checklist. If they try to use the outlet and it's a bit off, it gets replaced. One $4 outlet every few years really doesn't affect them.
It sounds like everyone involved overreacted to some degree or other, the train people, the citizen, and the police. The difference is only one of them could have severe direct consequences - the police. This places a higher onus on them to remain calm and rational, which they failed to do, which is confirmed by saner heads at the precinct prevailing and "de-arresting" him.
I'd like to say more but I gotta get off to work. When I get there I will plug in my phone to charge. And I won't expect anyone to flip a biscuit over it.
registrar turned off auto-renew, the alert emails were nowhere to be found, and my domain was suddenly owned by a cayman islands company.
Lesson: never rely on others to save you from yourself.
Don't ever take a chance with your domains, register them for 10 years at a time.
100% agree. I've owned a 4char domain for over two decades. Fortunately it's not a common combination and doesn't make any good acronyms, so no problems so far for me. But I still keep it registered 10 out AND make damn sure I know my domain unlock codes. (you will remember when godaddy locked all those people out awhile ago when their dns and registrar pages went down, no unlock codes means you do not have control, only your registrar does)
I have a very basic web page system and also have been running email on that domain the entire time though, so I hope that's a good enough case if need be.
though only if you identify the scope of the work. You need a bricklayer to build the house, but he needs to be educated if he's going to be the GC / project lead. Don't hire unskilled labor for a skilled position.
But it totally makes sense to hire basic codemonkeys for the grind work. You don't need a CS degree to maintain your site's javascript or write queries all day long.
Slashdot Mirror
As stated above, my scenario is it was dead when he started, and someone cut power back in during his work. I'm going on the assumption the tech was following good practices and that management/communication was where the fault occurred, based on the background provided in the article.
But the correct way to address that particular risk is to tie said source wires to ground with heavy cable. That way if some clown does light up the wires while you're working, the worst you're going to get is a bath of copper sparks before a breaker trips somewhere in the line. (unpleasant to be certain, but not lethal)
If I was going to be working in an environment where I was trusting somoene possibly a long distance away to keep their fingers off the knife-switch while I worked, (where driving to another location to install a lockout may not be practical) I think webbing the lines to ground while working on them is a precaution I would be consistently taking. I've read too many stories about clueless idiots blindly switching power back on when they stumble across a switch or breaker that's off.
"they offered me everything but money"... "so I still have it".
Owell. Wonder what his price is? If NASA doesn't want to cash him, maybe someone else will. If anything, barter for some of those "perks". $1000 for free lifetime tickets to usually off-limits NASA facilities would be a killer deal.
or eBay it...
What's the difference here? Companies like Apple are designing their systems such that they never have the key to the data. They hold the data, but have no way to access it, by design. The UK is saying they're not going to require back-doors, (presumably this means "they won't be required to provide a way for us to decrypt the customer's data") but at the same time they're saying "we should have access to the data anyway".
The only three ways I see to reconcile these two statements is to do one of:
- not encrypt the data in the first place.
- use worthless encryption
- keep a copy of the key
Apple's current method of "we use strong encryption and don't have your key" would seem to voilate their requirement. But since the government wants to have a way in, without a back door, it means the company itself is required to have a back-door of their own built into the system, that allows the company access to your data. From there, the government can issue an NSL or something to force you to hand over the data.
So we're going from a back-door that lets only the government to have access to your data, to a "better model" that lets them have access to it, because the company also has access to it? How is this BETTER?
I say NO to both!
The 600k was the fine for non-compliance. You'd get that whether or not someone was killed. (some fines will get a bumper for injury, but not many have a bump for death for some reason)
Ret assured, there will be a multi-million dollar lawsuit filed by the family that will get settled out of court for an "undisclosed amount". (around 4 million is par) The fine was just the wakeup-call for the board to find a scapegoat to be the focus of the PR crucification and actual painful monetary loss for the impending lawsuit. The way things like this usually go, if the press doesn't dig up any real pattern of misconduct, there will probably just be someone issuing a public apology. If they do find a pattern, someone will get the axe.
Unfortunately, these places rarely get a fine unless someone is injured or killed, because nobody knows or cares about the noncomp until it hits the papers. Then the regs look bad if they don't step in and issue a fine like they ought to have done several times in the past to have, y'know, prevented this from happening in the first place.
But regardless of what happens, hopefully there will be changes made. From the looks of it, the tech that got killed was unaware that the wire that got him was energized, due to poor communication from his management, which appears to have been the result of poor communication from upper management and whoever was coordinating the work with the other group that was in charge of the deadly wire. So it's a bit early to be blaming the tech. Heck, he may have opened the box and tested it and found it wasn't connected yet and was safe to leave open, got to work, connecting it to something else, and half an hour later someone in another building lit the box up and the tech never knew what hit him. Things like that can happen when two different groups are working on connected systems and are unaware of each other and not keeping in communication as shared circuits are cut and energized.
I wonder though... at a dollar a pill... when you compare it to 750, it seems insanely tiny. But look at your bottle of ibuprofin, at $13 for 1,000 capsules, you see that even at a buck a pill they are still easily able to stay in the black.
I realize not every pill has the same manufacturing cost, but they are at least within an order of magnutude of each other for the most part. At a buck a pill, that bottle above would be $1,000. It's $13, and they're still making a margin off it. I'd be surprised if this $750 drug costs over 76 times as much to manufacture in quantity as another drug.
They're trying to recoup an R&D lost. I get that. That's OK. But they've had years to do that. That's precisely why we have patents. But when your time is up, that knowledge is transferred to the public. It's up to you as a developer to use your time wisely and recoup your investment and reap a reward for your innovation. But then you have to give it up. If you still don't feel you've managed to get enough back out of the system by that point, then you're doing something wrong, and have no one to blame but yourself.
That's half of it - getting crypto done right can be a very subtle thing, and doing something even slightly different can have an unexpected/unintended and sometimes catastrophic impact on the crypto. It's agonizingly easy to accidentally introduce bias without noticing.
The other half of that is the "many eyes make for shallow bugs" principle. Before anyone jumps, no that's not a guarantee, there have been several cases of a bug being in plain sight for years in the linux kernel for example. But as a general rule, the more people that can review the code, the fewer bugs it will continue to harbor. Unless MS's APIs are open-source (I don't know for certain but I rather doubt it!) then instead of thousands of reviewers, it's had at most a dozen serious examinations. And the notion that MS is assisting shadowy short initials isn't even a bit far-fetched. Back doors have an extremely short life-expectancy in open-source. (I've seen it happen with a rogue commit, but they get found in under a few weeks typically) No open source? No telling what's in there. It's much harder to identify a well-hidden back-door or especially an intentional bias in closed source.
I'm surprised we don't see [b]more[/b] people shouting "Where's my hoverboard?!!"
Rule #1 of crypto: don't write your own
Rule #2 of crypto: DON'T write your own
Rule #3 of crypto: DON'T WRITE YOUR OWN
They're not difficult rules to follow. But then they seem to enjoy writing their own rules, despite what's good for the consumer.
It will also come in several different (subscription based) versions, offering a variety of features like Alarm, Daylight Savings, and chronograph, none of which will come with the starter version. If you don't keep your subsription up, it will start displaying "this time isn't genuine", and force you to watch an ad before it tells you what time it is.
Apple has always known how to innovate, the problem is it gets more difficult over a product's lifespan to find good, exciting new innovations. You start to "run out of steam". The best thing to do at that point is to come up with a whole new product and throw your innovation into that instead. The best time to do that is of course when the rest of the world has geared up and is copying your current product in its present form, with all the innovations already worked out. Can't blame them, skip the creativity, R&D, and risk, and go right to market with a safe, proven idea. But at that point it's a saturated market, and that cancels out a lot of the gains of your shortcuts. (that's been microsoft's strategy for decades now, it's low yield, but [i]is[/i] profitable if done right)
It's just time for Apple to move on. Their new target of course is the Apple Watch. I don't expect we'll see a lot of advances in the iPad department anymore, it's time for the copycats to take over milking it for what little is left there. I must admit it was pretty entertaining seeing all the smartmwatches just crawl out of the woodwork so quickly, the copycats are really stepping up their game. I'm sure we'll see an MS Watch sometime in the next few years, they don't move nearly as fast as the others. (they tend to wait for something to clearly be a success before copying it, rather than watching the rumor mills in an attempt to get a product to market in time to compete with what someone else thinks will be a hit - obviously risky)
really all they have in common is they both switch frequently between life shots (most of which not incorporatin the product), with deadpan narration.
Nadessico did it MUCH better.
Watch it until at least 0:50. After that, you won't want to stop.
https://www.youtube.com/watch?...
well-said. wish i had some mod pts to give you. looks like you're in the ideal position to comment on this issue.
One thing I haven't seen addressed here is the possibility of combining tickets. I've worked help desks in several places before and used different ticket tracking systems. Most of them had the ability to take automated entries, either generated via a service desk web page or just from sending an email to the service@ address. Obviously the heuristics of filing/assigning the ticket were poor with the email route, but the online ones usually work pretty good.
The customer gets to enter in a brief description of the problem, then the form attempts to auto fill the fields. The user then has the opportunity to correct fields that were incorrectly selected.
In the end none of these systems combined tickets (that's tough for a compiuter to do) but they always sent the user a link they could click on to check ticket status. Only about 15% of users actually took advantage of this, but if you get someone that's getting upset over our response time, sitting down with them for a few minutes and training them on it (really doesn't require training, more of a hand-hold) that usually calms them right down. "no your request wasn't thrown away, yes we are still aware of the problem, no it hasn't been fixed yet, yes the right person has been informed, yes you will hear back from us when it's resolved."
Combining tickets was always a manual process. One place when I started I had over 100 tickets in the system, many of which were months old. Users would just enter a new ticket every few weeks (or days!) if they didn't physically see a problem get fixed. (did not check ticket status, maybe it can't be fixed, or we need more information than "it doesn't WORK!", etc) I spent the first few days simply combing over the list repeatedly, combining entries. Some tickets were in the system as many as 13 times, by three people. That makes the tickets a lot more manageable. It also has the effect of letting you know how many people a problem is affecting.
One improvement I didn't see was the ability for a user to look in the ticket system, FIND an open ticket for the problem they were having, and allow them to either (A) add notes, or (B) click a "ME TOO" button to add a counter to let the staff know it was affecting more people and should get higher priority. But given the average user's low ambition to even look at the status of their own tickets, sadly, this very useful feature would probably be very difficult to get into any reasonably high usage. People would much rather take the laziest approach and fire off a 20 second email, than fill out a 2 minute form, or do a 5 minute search. So it usually comes back to me to merge tickets and dedup.
IMAGINE THIS: big pothole opens up in front of your apartment, right outside the entrance to the lot. You put in a ticket. It's a residential low traffic street so it has low priority. Week or two goes by. OK... print out a note and stick it on the mailbox panel inside the apartment, "want that pothole out front fixed? go to www.mycity.com/maintenance and look up ticket #12345. Click the "ME TOO" button. If we all click that, it'll be fixed fast!" A week goes by, and five other tennants click ME TOO. The priority on that pothole goes from 1/10 to 6/10 due to having 6 complaints on it. Street department has it filled in two days later.
That's how it's supposed to work.
Reading the linked list of "company policies", I found a few snakes in the grass. Before anyone jumps and yells "You can't draw conclusions just because they're being vauge!"... YES I can, yes I will, and yes I should. These are major company policy announcements and an opportunity to add significant value to a company's products. If they're being vague here, they're hiding something or they are profoundly stupid. BOTH are good reasons not to do business with them.
Adobe
Adobe has not built 'backdoors' for any governmentâ"foreign or domesticâ"into our products or services.
And thank you very much for that. Although you really don't have that much data on me or any of my information...
Amazon
we oppose legislation mandating or prohibiting security or encryption technologies that would have the effect of weakening the security of products, systems, or services our customers use, whether they be individual consumers or business customers.
Um.... why didn't you have anything to say about whether or not you have back doors? Oh, probably something to do with that gag order. ok then.
Apple
We also refuse to add a backdoor into any of our products because that undermines the protections weâ(TM)ve built in. And we can't unlock your device for anyone because you hold the key â" your unique password. We're committed to using powerful encryption because you should know the data on your device and the information you share with others is protected.
YEAH! That's how you do it. The article author loved that response.
Well said, just what I wanted to hear from you. You're only doing what you legally have to, and aren't just forking my data over to anyone that flashes a badge.
Dropbox
Governments should never install backdoors into online services or compromise infrastructure to obtain user data. We'll continue to work to protect our systems and to change laws to make it clear that this type of activity is illegal.
In other words, we've already given in to the government and have installed back doors, but we're trying to find a legal way to get rid of them.
Microsoft
As we have said before, there are times when law enforcement authorities need to access data to protect the public. However, that access should be governed by the rule of law, and not by mandating backdoors or weakening the security of our products and services used by millions of law-abiding customers. This should concern all of us.
Ditto. We're already doing it to you, but trust us, we don't like doing it, and neither should you.
Pinterest
Pinterest opposes compelled back doors and supports reforms to limit bulk surveillance requests.
Are we seeing a trend yet?
Slack
Slack opposes government-mandated âoeback-doorsâ of any kind but particularly a government-mandated requirement that would compromise data security.
Yes we've heard that from several of you now. I'd really rather hear about your actions than your words.
Snapchat
Privacy and security are core values here at Snapchat and we strongly oppose any initiative that would deliberately weaken the security of our systems.
So do we. Which is why we don't want to do business with you either.
Sonic
Finally, we are stating for the record our position regarding compelled inclusion of back doors, deliberate security weaknesses or disclosure of encryption keys. Sonic does not support these practices.
Um, the government doesn't care WHAT you do or don't support. They tell you do to it and you either take them to court or you say "yes, massa, right away, massa". Looks like another silver-tongued cop-out.
OK this is getting repetative. Here's the rest:
Tumblr ... urg
Wickr
Wordpress
Yahoo
We'll fight the laws that allow them to do so,
We
A sovereign country has an absolute right to defend its borders. I'm pretty sure the contradiction that arises from these two conflicting statements ends up in a loss for the citizen.
Them: "You're not leaving here until you give us your passwords."
Me: "go to hell. and while you're there, tell my lawyer to get over here pronto."
Did they notify Apple of the problem and wait before publishing the details on the exploit, to give them a chance to push a fix before releasing the information to the public? It looks like they threw out the details of the hole into the wild before giving anyone a chance to patch it?
First among the numberous problems with that statement are that (1) "when you break the law" has to be established. Someone says I picked a pencil up off this desk. Did I break the law? Is there a law for that? Does it apply to me? Was I actually the one that picked up the pencil? Are there any extenuating circumstances? Until you have addressed all of those questions and more, you cannot say I have broken the law. And that's what's missing here. They haven't even come close to establishing any law was broken. There are procedures that have to be done, and they're not complete. He hasn't even been charged yet. You must live in a very scary world where you can be considered a criminal simply because someone says you're a criminal, or says they think you broke a law.
should be illegal. OR they should remove the protection from countersuit in the event of an improper takedown for automated systems. "The exemption applies to human error. If you remove the human from the process, the safehaven no longer may be applied."
Its a similar problem to using explosives to knock down a building. Paintballs have a large enough amount of energy to take down a drone, but it's not applied in the right way. During WW2 when nations were using bombs to knock down buildings, they discovered that, somewhat contrary to common sense, using an explosive with a very fast detonation speed to produce a very string but very brief blast tended to only so supericial damage to buildings. The problem was that the mass of the building had to be overcome before you started to knock it down.
Explosives like ammonium nitrate on the other hand, have a very slow release of energy, while still containing a lot of total energy. So instead of trying to send the bricks flying airborne, which requires a lot of energy, they invest it slowly to PUSH the bricks sideways without lifting them, and shove the building over. "Work smarter, not harder".
Paintballs I think have a simiar problem of incorrect energy delivery. They're delivering all of their energy in a very small package. But when the ball hits, it breaks, and sends essentailly all of the energy-containing mass plattering in all directions, instead of transferring it effciently to the target. Anyone that's played paintball knows, "the balls that break don't hurt that much - it's the balls that DON'T break that leave bruises". 20% energy transfer vs 100% energy transfer. Stopping paint absorbs much more energy than deflecting it. Look at how the paint just parts around the sides of the drone and continues on to create a spray downrange. All that energy wasted!
If you want to use paintballs, the solution is easy. Freeze the paintballs. I absolutely guarantee frozen paintballs will be effective in bringing down a drone. Just keep a sandwich baggie of them in your freezer "in case of emergency". See a drone? Fill your hopper and encourage the drone to "chill out" and take a "break" on your lawn. Just make sure it lands ON your lawn, so it's clear to any authorities that it was in your airspace at the time. (and if it happens to land just outside... you might want to "covertly relocate" it slightly)
If the owner comes traipsing over and insists on your handing it over, refuse admission to your property. Insist that they will be charged with criminal tresspass if they enter or will not leave your property. If the neighbor kids throw a baseball and it lands inside your fenced yard, just because it's their ball doesn't give them legal right to come onto your property to recover it. Tell them to send the cops, you will gladly turn over the drone to the cops, and they can turn it over to the pilot. If they persist, don't resist, just protest and document (picture/film) the tresspass. Then regardless of how the drone thing ends, they WILL be liable for tresspass.
So leave it sitting on your lawn, guarded and covered. If they call the cops, take them to where it landed, point out the camera, turn it over, give your statement, and its all documented. The owner should get a nice dressing down from the cops before they give him back the drone.
Depending on the local laws and the particular judge though, you may be found liable for damage to the drone. Be preapred for that if you go hunting. Even if it doesn't seem fair, the law may not be on your side. If it really worries you, contact your local authorities for their official position on the matter before it comes up.
You might also go down the route "My daughter was upstairs in her bedroom changing to come outside when this drone flew by on our property at the same level, it could have been filming her through the second story window. She had an expectation of privacy that wast being violated. We demand the owner turn over any recorded footage."
Not really. Except for specific restrictions provided by state and federal law, you are handing over your time to the company for the period you are there, in exchange for compensation, that's the deal you agreed to. They tell you what to do with that time, and that's what you do with it, and you get money and benefits. If you choose to do something else, you are violating the terms of your employment contract, and yes, they are legally justified if they choose to fire you for it. It's no different than insisting on playing solitaire on the computer when you should be crunching numbers in excel. You violte the terms of the contract, and they at the very least can tear it up. (they can also pursue legal action against you)
Though we live in a very litigous ("sue-happy") society nowadays. The reality is "You have the right to sue for any reason you want to, you're just not very likely to win a judgement in court for a lot of it". This falls into that category. Other factors can play in and tilt the balance too. Some companies have a known policy of going to great lengths to shut up former employees that sue to avoid bad publicity, and in those cases it can be (disgustingly) easy to get a settlement from them. So, despite "how it's supposed to work", YMMV.
A couple jobs ago I was chatting with another employee, we were discussing some "ominous signs" such as HR shredding documents like she was preparing for a parade. The topic of "giving notice" came up. The other guy said that if he found a good job somewhere else he'd walk with zero notice.
The manager overheard this and stepped in on the conversation, trying to berate us with "that's not how it's done in business, I expect you to give me at least two weeks' notice if you're going to quit!" I turned to him and said "so, how much notice will you give ME if you're going to lay me off or fire me?" (huff) (huff) (snort) is about all I got back, he couldn't even form words let alone a coherant sentence to respond to that. So I added, "I'll give you as much notice as I believe you'll give me." So rather than answer me, he just stomped away.
I don't think they consider just how much more inconvenient being unemployed is, compared to having to hire someone to replace a single employee that departs unexpectedly. For the boss, it's inconvenient. For the employee, suddenly losing their income, possibly the only income for an entire family, can be devastating. And yet they expect to be provided with notice, while providing none themselves. Sselfish, arrogant, and inconsiderate!
So everyone with a clue began job hunting. I had found new work, it wasn't nearly what I had now, but the writing was on the wall in pretty bold print at this point, so I accepted it. I showed up on a Thursday evening to start my (3rd) shift, and the gal from HR was in the parking lot with her hatch open, handing out unemployment packets. The entire center had been closed, everyone there got laid off that day, no one even was offered a transfer. I found out later that our manager had known this was going to happen for months.
My new job started on Monday. (total time unemployed - two days) Unfortunately, that's how they play the game, so that's how I have to play it too. If they don't like that, they have no one to blame but themselves, I'm just playing by their rules.
it does. A worker must be legally allowed to share their benefits (salary and otherwise) to members of their Union. But the law doesn't specifically say union, it's good for anyone.
Discussing it while on "company time" can certainly be controlled. You can be fired for discussing salary while on the clock. But once you step off the premisis, they cannot restrict that. Updating a spreadsheet stored on company servers, at work, while company time, however, is enforceable for a variety of reasons. Google could have canned the lot for that, provided it didn't violate other employment laws.
I've been chastisted by my manager for discussing salary with other employees outside of work. We explained how the law was on our side, and he simply got pissy and grumbled something about "you're not supposed to do that".
The whole point of it being that discouraging disclosure of benefits directly helps the company in negotiations. THEY know how much each employee is being paid, and they really do NOT want you to have that information, because it's leverage in the negotiations. So it's not even slightly surprising that they will try to prevent it. But as long as you do it off company time, off company grounds, and off company resources, they can't do jack. They can blowhard all they want, but there's no legal basis for action. In an "at-will state", you could still get fired for some random reason or no reason at all, but if they were foolish enough to open their mouths as to the reason they fired you, you could easily net a large payout in court. (any boss that specifically tells you why you were fired in front of witnesses is an idiot and needs to be fired themselves - too much litigation risk)
Firstly, the USB spec covers current draw up to 2 amps, typically communicated/negotiated via voltage preset on the two data pins. (wikipedia's got a good writeup on it) But considering the power the train is requiring all by itself to operate, a single light bulb could easily be drawing double what any iPad does. The variance of bad bulbs on trains would be more noticeable than the occasional charging phone.
There's already a sign up on these outlets saying "not for public use". If I were them I would add a little additional verbage, "use of this unregulated power outlet may cause damage to peripheral, train operatior is not responsible for damage caused by unlawful use" Lawyers would still maybe try to pick on it but wouldn't get much traction. There's alwayws that 1-in-a-million that pulls it off, but it's a statistical blip.
Changing the outlet covers would be expensive. You'd also have to change the vacuums etc. I'm sure there are other things they use like work lights etc. Covering the outlets would probably be effective but would end up costing more in staff time than the $$ saved in electricity, by far.
Placing the outlets on a switch would be hideously expensive. They tap into the common power rails, so new lines would have to be plumbed and a new breaker AND switch would have to be installed. No, you can't use the breaker. Breakers aren't meant for frequent use, you'd be replacing them once a year if you used them every day.
The wear and tear on an outlet would be noticeable but not bad. The trains get taken down for scheduled maintenance regularly anyway, and that's already on their checklist. If they try to use the outlet and it's a bit off, it gets replaced. One $4 outlet every few years really doesn't affect them.
It sounds like everyone involved overreacted to some degree or other, the train people, the citizen, and the police. The difference is only one of them could have severe direct consequences - the police. This places a higher onus on them to remain calm and rational, which they failed to do, which is confirmed by saner heads at the precinct prevailing and "de-arresting" him.
I'd like to say more but I gotta get off to work. When I get there I will plug in my phone to charge. And I won't expect anyone to flip a biscuit over it.
Lesson: never rely on others to save you from yourself.
100% agree. I've owned a 4char domain for over two decades. Fortunately it's not a common combination and doesn't make any good acronyms, so no problems so far for me. But I still keep it registered 10 out AND make damn sure I know my domain unlock codes. (you will remember when godaddy locked all those people out awhile ago when their dns and registrar pages went down, no unlock codes means you do not have control, only your registrar does)
I have a very basic web page system and also have been running email on that domain the entire time though, so I hope that's a good enough case if need be.
though only if you identify the scope of the work. You need a bricklayer to build the house, but he needs to be educated if he's going to be the GC / project lead. Don't hire unskilled labor for a skilled position.
But it totally makes sense to hire basic codemonkeys for the grind work. You don't need a CS degree to maintain your site's javascript or write queries all day long.