I tend to agree. If I were running a megacorp with 30k computers, and it turns out that 1000 of them have a rootkit I'd rather that they didn't just all die at the same time from a random patch.
Of course, I'd be scanning for stuff like this anyway, so I'd be fixing these problems before they got out of hand.
Even so, adding a major outage to a major security problem isn't necessarily an improvement.
I dunno - there is a real niche for some half-decent FOSS video editing software that works on lower-end hardware. I know a high-schooler who wants to get into video editing but he has a very old PC. It runs ancient versions of Pinnacle moderately well, but anything new just won't work. The problem is that the old software lacks a lot of features - and I'm talking about stuff like better support for DVDs, and codecs - nothing that should require more CPU/RAM.
He just got a camera that records to mpeg-2 and not DV, and now he's pretty much up the creek since no software that supports this will work on his PC. However, his parents aren't going to spend $2500 on a brand new PC if this is still just a hobby for him.
There is no reason you can't do video on lower-end systems - you just can't do it in full-resolution/quality at full frame rate. Just scale it all down to 320x200 or something and it should work fine...
Then why not figure out how to go to the stars in massive colony ships? Most of that technology can be built on the ground. Sure, the occasional prototype is fine, and if we spread it out over the next 5 billion years it should be fairly affordable.
Right now all a space program will do in the event of a global disaster is allow 5 people to watch from orbit until their air and food runs out sometime over the next 6-18 months.
The manned space program is a huge sink of resources and it doesn't really get us anywhere - at least not yet. Sure, keep up the R&D, and the applied work. Go ahead and have robots build us a base on mars or whatever. But let's not go nuts with putting people on Mars until we have some purpose for being there...
Passwords that expire every 15 minutes, your IT people are idiots and don't care or understand security.
Or, they merely work for these kinds of people.
The problem is that the IT people get in trouble if there is a security breach. If the IT person can point to a bunch of strict-sounding policies they've instituted then their manager points their finger at the policy violator and the IT guys are fine. If the IT guys don't have aggressive password aging turned on then consultant comes in, puts up a bunch of slides titled "Best Practices" and the boss fires the IT guys. The boss wants to know who to fire - they really don't care to get into a debate about effective security measures.
Real security improvements would require changes that hit the IT budget, and you can imagine how popular you'll be for proposing that! Instead you can have security theater, and a bunch of rules that everybody ignores. Then when something goes wrong everybody bears such a small portion of the accountability that nobody loses their job, or at least nobody the IT guy cares about.
I comply with all kinds of dumb IT policies when I deploy systems at work. Sure, I could "take on the system," or I could go ahead and deploy the system and collect a bonus for a smooth implementation. The users end up bearing pain as a result, but unless a policy is completely brain-dead it just isn't worth dying on that hill. When I see a real chance to change the system I take it, but fighting over password aging isn't going to get me anywhere, since any PHB can see how it is "more secure." The PHB doesn't pay for all the lost productivity, and they don't get in trouble when somebody writes down their password either.
That's why in my shop I'd comply 100% with Apple's requirement that the code be written originally in Objective C or whatever for their SDK. Of course, I might write the functional requirements in Java, and employ some REALLY efficient "software" developers to translate those "requirements" into "code." Why Java for requirements? Well, we're ISO 9001 and all that - we believe in having REALLY accurate specifications...
Well, in the case of troublemakers back home, the solution would be swat teams or special forces, depending on severity. You don't need to out-hack the hacker - you just need to find them.
Moreover, a serious cyber-warfare attack against the US would probably serve as a strong deterrent to a repeated attack in the future.
A bunch of terrorists in a rogue state knock out the US power grid for a week. US government calls up government of rogue state and one of two things happens:
a. Rogue state tracks down terrorist, and makes a nasty public example of them, or hands them over to the US to be made a nasty public example of.
b. Rogue state pulls a Taliban, and US pulls an Enduring Freedom.
For some reason people in IT seem to think that a cyber-war would be fought with firewalls and viruses. That is where such a war would start, but most of the fighting would take place with smart bombs and tanks. Why would the US get involved in an asymmetric war over wires when it has far more to lose, when they have aircraft carriers only a few hours away from bombing any location on Earth?
The safeguards the OP refers to are the ones that prevent detonation, not the ones that prevent launch. Different safeguards for different purposes.
Hmm - launching a bunch of nuclear missiles at the Soviet Union, with non-functional warheads, doesn't exactly sound like a good idea. Either don't launch, or if you do launch turn the enemy into a big crater. Triggering a counter-response and doing nothing to diminish it is just suicide. At least there is a chance that a first strike could get lucky...
With all the trouble that goes into PKI I can see why the air force didn't like the idea of having to juggle all kinds of arming codes in a war that is decided in 15 minutes. Still, there had to be a better solution than zeros...
Old dynamite has far greater hazards than flammable wood. Droplets of nitroglycerine can form, and since they're not bound up in the sawdust they can be extremely shock-sensitive. Old sticks of real dynamite can be extremely dangerous to handle.
Another reply suggested they are no longer in commercial use. I don't doubt it for this reason.
The artillery would only be effective against civilian targets. In order to fire them on military targets you'd need accurate near-realtime targeting data - which they can't obtain.
Sure, they could turn the South's cities into rubble, but that wouldn't have much of a military impact - only a political one. If they tried it chances are that both the US and China would step in to straighten things out. If anything the powers that be in NK would try desperately to surrender to the US rather than the alternative.
I'm sure China likes the squirming the US has to do around NK, but it isn't like they want an all-out war right on their borders. The last time that happened the US army almost ended up on their doorstep (with MacArthur calling for attacks on China), and at the time the US didn't have nearly the advantage it has today. It really isn't in anybody's interests to let things go that far again.
Shooting down the street isn't going to help - it won't confuse the location - instead they'll just have a continuously updating feed on your location.
Well, if the beam is dispersed from a central point towards a large area on the ground, then the energy per unit area will be proportional to the inverse square of the distance. That generally holds whether the laser is diffused over a large area or scanned over a large area, although in the one case it will be more energy for a shorter time vs less for longer.
So, if you half the distance you'll have four times the brightness.
So, if the satellite was at 80k feet, then the plane at 40k feet would have 4x the brightness. On the other hand, in the more likely scenario where the satellite is at 500k feet then the light would be 1.18x as strong. If the satellite is in geosync or something like that then the difference would be vanishingly small - like the difference between the brightness of the moon at those altitudes vs the ground.
Yup, improvised suppressors are probably effective for planned assassinations, but not a whole lot else.
When a drug deal goes bad I'm guessing that you'd need to whip out your gun and start shooting. An affixed suppressor that doesn't adversely impact the gun much isn't going to be a huge obstacle, but when you're in a draw-and-fire situation you're not going to start messing around with soda bottles.
Effective for a few shots is also not very useful, except for assassinations. If you're pulling your gun to defend yourself then you and your target will both be diving for cover and lots of shots will get exchanged.
Plus, automatic weapons will be a whole different issue with this technology. I doubt you'd be able to effectively defeat it without serious gear. Again, not street gang material.
If the bad guys are forced to go back to knives and arrows then the monitoring system will probably be worthwhile. Would you bring a knife to a dangerous drug deal when for all your know the guy you're going up against might still have a gun? After all, in a life or death situation getting caught by the police is still a secondary consideration.
Sounds like an almost endless supply of power if you can build a hydro plant big enough to run on 8" of gravitational potential energy. It isn't like you're going to run out of water anytime soon...
Tried to switch to evince on Windows machines. However, the most recent version doesn't let you print files. That obviously is a problem.
Maybe sometime in the next year or two the developers will post a fix. The last time I looked a few months ago there wasn't a fix, and it looked like the problem had been around for a while. Note to FOSS devs - "fixed in CVS" isn't a fix if there isn't a simple to use free build platform on the target OS.
I was of course referring to an aircraft in a conventional warfare situation - not in a "peacekeeping/cleanup" role.
In any case, the fact that you can have as many people watching the screens as you'd like and that you don't have to have a human pilot sitting in a cockpit for 8 hours straight still makes the UAV an ideal tool for these kinds of situations.
If I were setting up a UAV squadron, I'd have dedicated teams for aspects of missions. I'd have a takeoff/recovery team that does nothing but launch and land the things. I'd have transit sectors where in addition to controlling traffic the controllers jump into the cockpits and make corrections as needed. I'd have a general monitoring team where maybe 10 guys keep a general eye on the hundreds of UAVs in the air at once which aren't in actual combat. And, of course, I'd have the combat teams. I'd have groups with expertise in hitting individuals, survailence, hard targets, etc.
During missions each UAV would be handed off from team to team, and each team would be briefed as to the aspects of the missions that are relevant to them. Nobody would run long shifts at all, and the jobs would be changing often enough that nobody would get bored.
I think this is the real power of the UAV - it can be run by a team, and not merely by a pilot.
Plus, if somebody did need to crack one of these within two hours of getting their hands on it with minimal equipment this isn't how they'd go about it.
Step one for an attacker would be to go to a store and just buy a dozen of these USB drives. Then they attack the drives from home with a full machine shop, a clean room, electron microscopes, logic analyzers, FPGAs, and the works.
Then they figure out how to defeat the devices defenses, and then package that up into a minimal set of tools and steps needed to accomplish the feat in a few minutes.
Then when they steal the device they already know exactly what they're doing and it takes them no time at all.
It would be like a bank robber deciding on a whim to break into a bank, without checking plans, casing the place, identifying the vault make/model, etc. Like anything, a quickly executed mission depends on good planning.
Blowing up a masque is probably fairly career-limiting as well.
It really depends on what your mission is.
In any case, you can be as hair-triggered as necessary in a drone. In a manned aircraft you don't really have any choice - you plan a mission and you execute exactly what you planned. There is no time to go messing around with binoculars when you're flying in at 200 feet on afterburner and there are guns and SAMs surrounding your target. At least with the drone you can have a few more guys looking at the video feed and have your drone manned by a full staff, rather than one guy in the cockpit having to manage all aspects of the mission.
I'd argue that there is far less likely for mishap in the UAV situation. You can afford to take your time a bit more before dropping the bomb, for one thing. With a manned bombing mission in a dangerous theater they will tend to fly in, reach their drop point, drop the bombs, and head out of there. Every second you linger in the target area is a chance to be killed - if the target is worth hitting chances are that it is worth defending, so the area right around the target is often the most dangerous area in the whole mission.
On the other hand, with a UAV you can have one guy flying the thing (or it can be on autopilot), and you can have as many people as you like staring at the video feed making sure that everything looks ok before dropping the bomb. If in doubt you can just wait a little - ok, so maybe they get a missile or two off but you will probably still hit the target even if you don't make it out of there, and the loss of a UAV isn't a horrible thing.
Plus you don't have nearly as much adrenaline pumping, which makes for more level-headed decisions.
I think UAVs have a great deal of potential to cut down on battlefield errors.
Just have the military do everything in its power to suppress this technology, because it makes people less fit to die in wars. Make sure this gets leaked to the press.
Now all the people who would be arguing to ban this technology will knee-jerk and ensure that it is provided free to every school child!
And what happens when you close your business?
Maybe he doesn't want that domain any longer. Why should he have to pay for it forever just so that nobody else uses it?
And what will DNS look like in 100 years when 95% of all domain names belong to companies that no longer exist but refuse to let anybody recycle it?
I tend to agree. If I were running a megacorp with 30k computers, and it turns out that 1000 of them have a rootkit I'd rather that they didn't just all die at the same time from a random patch.
Of course, I'd be scanning for stuff like this anyway, so I'd be fixing these problems before they got out of hand.
Even so, adding a major outage to a major security problem isn't necessarily an improvement.
I dunno - there is a real niche for some half-decent FOSS video editing software that works on lower-end hardware. I know a high-schooler who wants to get into video editing but he has a very old PC. It runs ancient versions of Pinnacle moderately well, but anything new just won't work. The problem is that the old software lacks a lot of features - and I'm talking about stuff like better support for DVDs, and codecs - nothing that should require more CPU/RAM.
He just got a camera that records to mpeg-2 and not DV, and now he's pretty much up the creek since no software that supports this will work on his PC. However, his parents aren't going to spend $2500 on a brand new PC if this is still just a hobby for him.
There is no reason you can't do video on lower-end systems - you just can't do it in full-resolution/quality at full frame rate. Just scale it all down to 320x200 or something and it should work fine...
Then why not figure out how to go to the stars in massive colony ships? Most of that technology can be built on the ground. Sure, the occasional prototype is fine, and if we spread it out over the next 5 billion years it should be fairly affordable.
Right now all a space program will do in the event of a global disaster is allow 5 people to watch from orbit until their air and food runs out sometime over the next 6-18 months.
The manned space program is a huge sink of resources and it doesn't really get us anywhere - at least not yet. Sure, keep up the R&D, and the applied work. Go ahead and have robots build us a base on mars or whatever. But let's not go nuts with putting people on Mars until we have some purpose for being there...
Passwords that expire every 15 minutes, your IT people are idiots and don't care or understand security.
Or, they merely work for these kinds of people.
The problem is that the IT people get in trouble if there is a security breach. If the IT person can point to a bunch of strict-sounding policies they've instituted then their manager points their finger at the policy violator and the IT guys are fine. If the IT guys don't have aggressive password aging turned on then consultant comes in, puts up a bunch of slides titled "Best Practices" and the boss fires the IT guys. The boss wants to know who to fire - they really don't care to get into a debate about effective security measures.
Real security improvements would require changes that hit the IT budget, and you can imagine how popular you'll be for proposing that! Instead you can have security theater, and a bunch of rules that everybody ignores. Then when something goes wrong everybody bears such a small portion of the accountability that nobody loses their job, or at least nobody the IT guy cares about.
I comply with all kinds of dumb IT policies when I deploy systems at work. Sure, I could "take on the system," or I could go ahead and deploy the system and collect a bonus for a smooth implementation. The users end up bearing pain as a result, but unless a policy is completely brain-dead it just isn't worth dying on that hill. When I see a real chance to change the system I take it, but fighting over password aging isn't going to get me anywhere, since any PHB can see how it is "more secure." The PHB doesn't pay for all the lost productivity, and they don't get in trouble when somebody writes down their password either.
:) Good luck with that plan.
And, if nothing else you're massively overspending for a 500gb drive...
I'm surprised that nobody pointed out that most likely those Shoes are made in China as well. Do they ship them across the ocean twice?
Agreed 100%.
That's why in my shop I'd comply 100% with Apple's requirement that the code be written originally in Objective C or whatever for their SDK. Of course, I might write the functional requirements in Java, and employ some REALLY efficient "software" developers to translate those "requirements" into "code." Why Java for requirements? Well, we're ISO 9001 and all that - we believe in having REALLY accurate specifications...
What can a parent do? Two words:
Eviction notice.
Well, in the case of troublemakers back home, the solution would be swat teams or special forces, depending on severity. You don't need to out-hack the hacker - you just need to find them.
Moreover, a serious cyber-warfare attack against the US would probably serve as a strong deterrent to a repeated attack in the future.
A bunch of terrorists in a rogue state knock out the US power grid for a week. US government calls up government of rogue state and one of two things happens:
a. Rogue state tracks down terrorist, and makes a nasty public example of them, or hands them over to the US to be made a nasty public example of.
b. Rogue state pulls a Taliban, and US pulls an Enduring Freedom.
For some reason people in IT seem to think that a cyber-war would be fought with firewalls and viruses. That is where such a war would start, but most of the fighting would take place with smart bombs and tanks. Why would the US get involved in an asymmetric war over wires when it has far more to lose, when they have aircraft carriers only a few hours away from bombing any location on Earth?
The safeguards the OP refers to are the ones that prevent detonation, not the ones that prevent launch. Different safeguards for different purposes.
Hmm - launching a bunch of nuclear missiles at the Soviet Union, with non-functional warheads, doesn't exactly sound like a good idea. Either don't launch, or if you do launch turn the enemy into a big crater. Triggering a counter-response and doing nothing to diminish it is just suicide. At least there is a chance that a first strike could get lucky...
With all the trouble that goes into PKI I can see why the air force didn't like the idea of having to juggle all kinds of arming codes in a war that is decided in 15 minutes. Still, there had to be a better solution than zeros...
Old dynamite has far greater hazards than flammable wood. Droplets of nitroglycerine can form, and since they're not bound up in the sawdust they can be extremely shock-sensitive. Old sticks of real dynamite can be extremely dangerous to handle.
Another reply suggested they are no longer in commercial use. I don't doubt it for this reason.
The artillery would only be effective against civilian targets. In order to fire them on military targets you'd need accurate near-realtime targeting data - which they can't obtain.
Sure, they could turn the South's cities into rubble, but that wouldn't have much of a military impact - only a political one. If they tried it chances are that both the US and China would step in to straighten things out. If anything the powers that be in NK would try desperately to surrender to the US rather than the alternative.
I'm sure China likes the squirming the US has to do around NK, but it isn't like they want an all-out war right on their borders. The last time that happened the US army almost ended up on their doorstep (with MacArthur calling for attacks on China), and at the time the US didn't have nearly the advantage it has today. It really isn't in anybody's interests to let things go that far again.
The tapes would be an interesting approach.
Shooting down the street isn't going to help - it won't confuse the location - instead they'll just have a continuously updating feed on your location.
Well, if the beam is dispersed from a central point towards a large area on the ground, then the energy per unit area will be proportional to the inverse square of the distance. That generally holds whether the laser is diffused over a large area or scanned over a large area, although in the one case it will be more energy for a shorter time vs less for longer.
So, if you half the distance you'll have four times the brightness.
So, if the satellite was at 80k feet, then the plane at 40k feet would have 4x the brightness. On the other hand, in the more likely scenario where the satellite is at 500k feet then the light would be 1.18x as strong. If the satellite is in geosync or something like that then the difference would be vanishingly small - like the difference between the brightness of the moon at those altitudes vs the ground.
Yup, improvised suppressors are probably effective for planned assassinations, but not a whole lot else.
When a drug deal goes bad I'm guessing that you'd need to whip out your gun and start shooting. An affixed suppressor that doesn't adversely impact the gun much isn't going to be a huge obstacle, but when you're in a draw-and-fire situation you're not going to start messing around with soda bottles.
Effective for a few shots is also not very useful, except for assassinations. If you're pulling your gun to defend yourself then you and your target will both be diving for cover and lots of shots will get exchanged.
Plus, automatic weapons will be a whole different issue with this technology. I doubt you'd be able to effectively defeat it without serious gear. Again, not street gang material.
If the bad guys are forced to go back to knives and arrows then the monitoring system will probably be worthwhile. Would you bring a knife to a dangerous drug deal when for all your know the guy you're going up against might still have a gun? After all, in a life or death situation getting caught by the police is still a secondary consideration.
Sounds like an almost endless supply of power if you can build a hydro plant big enough to run on 8" of gravitational potential energy. It isn't like you're going to run out of water anytime soon...
Yup.
Poor Bill Clinton must be wondering how he missed out...
Tried to switch to evince on Windows machines. However, the most recent version doesn't let you print files. That obviously is a problem.
Maybe sometime in the next year or two the developers will post a fix. The last time I looked a few months ago there wasn't a fix, and it looked like the problem had been around for a while. Note to FOSS devs - "fixed in CVS" isn't a fix if there isn't a simple to use free build platform on the target OS.
I was of course referring to an aircraft in a conventional warfare situation - not in a "peacekeeping/cleanup" role.
In any case, the fact that you can have as many people watching the screens as you'd like and that you don't have to have a human pilot sitting in a cockpit for 8 hours straight still makes the UAV an ideal tool for these kinds of situations.
If I were setting up a UAV squadron, I'd have dedicated teams for aspects of missions. I'd have a takeoff/recovery team that does nothing but launch and land the things. I'd have transit sectors where in addition to controlling traffic the controllers jump into the cockpits and make corrections as needed. I'd have a general monitoring team where maybe 10 guys keep a general eye on the hundreds of UAVs in the air at once which aren't in actual combat. And, of course, I'd have the combat teams. I'd have groups with expertise in hitting individuals, survailence, hard targets, etc.
During missions each UAV would be handed off from team to team, and each team would be briefed as to the aspects of the missions that are relevant to them. Nobody would run long shifts at all, and the jobs would be changing often enough that nobody would get bored.
I think this is the real power of the UAV - it can be run by a team, and not merely by a pilot.
Yup.
Plus, if somebody did need to crack one of these within two hours of getting their hands on it with minimal equipment this isn't how they'd go about it.
Step one for an attacker would be to go to a store and just buy a dozen of these USB drives. Then they attack the drives from home with a full machine shop, a clean room, electron microscopes, logic analyzers, FPGAs, and the works.
Then they figure out how to defeat the devices defenses, and then package that up into a minimal set of tools and steps needed to accomplish the feat in a few minutes.
Then when they steal the device they already know exactly what they're doing and it takes them no time at all.
It would be like a bank robber deciding on a whim to break into a bank, without checking plans, casing the place, identifying the vault make/model, etc. Like anything, a quickly executed mission depends on good planning.
Blowing up a masque is probably fairly career-limiting as well.
It really depends on what your mission is.
In any case, you can be as hair-triggered as necessary in a drone. In a manned aircraft you don't really have any choice - you plan a mission and you execute exactly what you planned. There is no time to go messing around with binoculars when you're flying in at 200 feet on afterburner and there are guns and SAMs surrounding your target. At least with the drone you can have a few more guys looking at the video feed and have your drone manned by a full staff, rather than one guy in the cockpit having to manage all aspects of the mission.
I'd argue that there is far less likely for mishap in the UAV situation. You can afford to take your time a bit more before dropping the bomb, for one thing. With a manned bombing mission in a dangerous theater they will tend to fly in, reach their drop point, drop the bombs, and head out of there. Every second you linger in the target area is a chance to be killed - if the target is worth hitting chances are that it is worth defending, so the area right around the target is often the most dangerous area in the whole mission.
On the other hand, with a UAV you can have one guy flying the thing (or it can be on autopilot), and you can have as many people as you like staring at the video feed making sure that everything looks ok before dropping the bomb. If in doubt you can just wait a little - ok, so maybe they get a missile or two off but you will probably still hit the target even if you don't make it out of there, and the loss of a UAV isn't a horrible thing.
Plus you don't have nearly as much adrenaline pumping, which makes for more level-headed decisions.
I think UAVs have a great deal of potential to cut down on battlefield errors.
Sounds like we have a solution then.
Just have the military do everything in its power to suppress this technology, because it makes people less fit to die in wars. Make sure this gets leaked to the press.
Now all the people who would be arguing to ban this technology will knee-jerk and ensure that it is provided free to every school child!