Would your very large defense company employer actually let you sign into Google services? I'd imagine that stuff like gmail/drive/etc are probably considered a liability.
It probably wouldn't be too hard to get the best of both worlds though. Allow users to authenticate with third-parties against Steam's OpenAPI equivalent to allow access to *their* data, while allowing anonymous data extracts to more global variables (e.g. how many discrete users are playing this game, age range, country, CPU/GPU etc) for unauthenticated services.
In the end, Steam is making money off of game (ok, and hat) sales, so they don't need to monetize your data in the same way that FB etc are, but that same data can still - if used correctly - be very useful to gamers and the industry at large if provided in a way that protects the privacy of the player.
I have the ZW2 as well. How's the battery life on yours? Mine seems very unpredictable as one day it'll be fine and the next it will chew through 3/4 of the battery by noon.
Nope. If they're visiting websites while logged in whole on-premises, then hopefully your other compensating controls (DNS filter, firewall, AV) can help deal with that. Not trusting the device initially is more to prevent things like: a) Unauthorized devices in general attaching to your network (home device, infiltration devices, etc) b) Machines that have left the premises (e.g. a laptop that may have been infected in the field outside the firewall etc) c) Overall better identification and management of systems within an environment: knowing what and where.
No, but the usual points of concern aren't printers etc but users and their PC's. A printer doesn't go out and browse bad sites on the internet during work hours, users do. Whitelist the printers. Blacklist any user PC until it's be validated. If you *CAN* validate the printers, even better!
Ditto here. Not to mention that the Ionic is a *joke* compared to what Pebble was releasing. Yeah, the early Pebble watches were plasticy, but the Time Steel 2 (which I was also on the kickstarter for) was a nice looking watch and would have had a color screen and approx a week of battery-life. There is *still* no watch that compares. I've had a Huawei Fit (the B&W model) which was comparable in battery life but very lacking in features, and gone through various "Android Wear" watches which all have fairly shyte and not-to-mention inconsistent battery life.
Is it really too much to ask for a watch that looks nice, has decent features (message notifications from all apps, calendar, music control, faces, color), and lasts more than a day or two on battery?
It's interesting how Intel managed to downplay the AMT issues, which IMHO are more in-line with Spectre in most cases (a bit worse in effect, easier to patch apparently), but is now playing up Spectre to have it overshadow Meltdown...
Yeah. I think part of this shows an pretty big need to reassess the use and longevity of major industrial and medical devices in a connected world. I've seen local hospitals with XP devices etc as well but they're not connected to anything (even then there's a risk if people are using USB devices). Obviously there's a cost but it should be considered part of maintenance because a breach or a disabling worm could lead to catastrophic downtime.
Imagine if you've got some sort of very important medical device monitoring and keeping somebody alive and it suddenly goes down because of an attack against an unpatched exploit... scary shit.
It could, but obviously in the case of NHS and WannaCry they had a significant amount of machines running XP that were *not* air-gapped.
An air-gap also only works for network-layer stuff. Iran's centrifuges were air-gapped but still had available USB ports which allowed transmission by physical device. The devices in this case are only really safe if they never interact in any way with any other devices.
A stealth virus could work in much the same way. To be fair with that though, a modern OS still might bot be any proof against such a method if it's an unknown vulnerability/0-day. However, if you are running a consumer OS, then part of the process of acquiring equipment should be to ensure proper hardening, patching, and eventually everygreening (retirement) schedules. I'm not saying Linux etc would be better - plenty of people still on RHEL5 - but at least with an open driver and/or open software there's a better chance of moving it up to something more modern.
"A reported 90 percent of NHS trusts run at least one Windows XP device, an operating system Microsoft first introduced in 2001 and hasn't supported since 2014."
He does tend to call a fair number of thing shit. This is likely because that - given the potential number of contributers trying to push stuff into the kernel - a good portion of it *IS* shit.
they will buy AMD if they can't get nVidia cards for a reasonable price
They *would* if AMD cards were more reasonably available. They aren't. In fact, they're probably worse. I got an RX480 when they were relatively new over a year ago. Since then, the RX580's have come out. The 580's are perpetually out of stock, mostly due to miners. The 480's are similarly very hard to find and now cost more used than I paid new. I've seen Nvidia 1080's etc come on sale and go (very quickly) but very little from AMD-land except some comparatively shyte RX550's (which there's apparently some scandal about being rebranded 450's or whatever). The big issue for NVidia is not only is stock scarse, but the prices are still insanely high at retail, with 1080's going from $800-1200 (CAD).
Absolutely. I can't remember at exactly which version, but I found that after one upgrade to Wine suddenly a crapload of my windows games started to "just work". What's more, they would often run better under Wine than a native windows OS (or in some cases wouldn't install on a modern Windows at all).
Spectre is pretty much anything with a modern chip, including Intel, AMD, and ARM. Some of the few exemptions were processors that don't do speculative/out-of-order execution. The only more recent hardware I've seen that's immune are the Raspberry Pi (in-order-execution) and some ARM hardware such as various Snapdragon or Cortex-A53/55. Some of the older Atom stuff is also safe because it doesn't do OOE, but Spectre will hit the majority of the rest.
Meltdown was quite certainly an Intel thing according all legit sources. It seem part of Intel's PR machine that somehow managed to group the two together even though they're quite separate vulnerabilities with quite different risk and effect factors.
Yup, and you definitely will issues that come from this. For example, testing.
Remember when a certain tech company's facial-tracking would not recognize people with dark skin. That can be pretty much attributed to a lack of diversity in the testing team.
There was also a recent hubbub about idevices' facial unlock between Asian co-workers. I've not heard that there's been a lot of cases with this, but if it were then it could again be attributable to a lack of diversity in testing.
That isn't to say that you *need* diversity in every group, not that you shouldn't hire the best candidates for a position, but sometimes diversity comes with its own benefits that might not be immediately visible from a more technical viewpoint.
Part of the concept there though is changing the culture to make it more attractive (or rather less unattractive) to females. There are certainly some legitimate and worthy goals in this area, but at the same time - like anything - the concept of "given an inch, they'll take a mile" will apply to some people who simple use it to further their personal agenda. Unfortunately in a lot of cases, there's a concept that "the majority" or "those at the top" are always wrong, which leads to a massive upheaval. You see this often when governments are overthrown, only to be replaced with another corrupt form of government. Hell, a lot of that is what led to Trump being elected. He managed to get Hillary viewed as a symbol of the "corrupt elite" (which I won't disagree with) while somehow getting people to ignore his own corruption (which is worse).
Not to mention that most decent security products already do "dodgy destinations". One of the common methods is to intercept the DNS calls and re-inject them with an internal IP address, thus blocking attempts to hit the remote baddie but also allowing further capture of data. Hell, I can (and have) do this with a raspberry pi for a select number of machines.
It wasn't useless, but it was definitely under-used (and hard to make use of). In the face of emerging modern VR, it looks like it's something that MS doesn't really want to sink a lot of money in anymore.
This is sad though, because even though the current VR stuff is great, I've often caught myself thinking that something like Kinect could augment it better. For example, most VR kits involve holding some sort of controller and/or vests, sensors etc to determine body motion. This is something Kinect did pretty good, and would pair nicely in a defined space. My understanding is that the more modern Kinect was also a lot better at seeing finer movements.
So instead of a controller, how about a headset combined with an external sensor like Kinect. The headset maps your in-game motion to what you see, and the Kinect maps motion of your limbs to the in-game character. That means you would have free arm/leg movement, possibly even some hand operations etc. The big problem would be that it likely would degrade when not facing the device, but if there were kinect-like devices built into the perimeter sensors (e.g. with Vive) that would hopefully be good enough to capture the majority of motion in various orientations.
Yeah, Kinect is cool but I really do *hate* the non-standard plug. I have most of my game stuff etc in a separate room with AV routed through an amp and then all the various plugs available on a wall plate with keystone jacks. That is, all the plugs except:
a) The older Gamecube-type controller for my wii (wiimotes are fine, and it otherwise has USB), so that's only for playing the older GC games b) The sensor bar on the wii, not a huge issue as it's a 2-wire connection that can rather easily be rewired to either use something keystone-friendly or local power c) That damn oddball Kinect plug
Everything else uses standard keystones for USB, HDMI, ethernet or AV, but I have never been able to find a Kinect keystone. I even considered trying to print something once. Eventually I gave up and just put a pop-out receptacle in behind the TV. But a keystone would have been nice. Sad to hear that even XBone didn't use a proper connector. Given that you can drive monitors and fairly power-hungry devices from USB3 I'm fairly sure it would have been sufficient to juice up the Kinect.
For a long time people used FM transmitters to broadcast their MP3 players, etc to the local radio. I wonder if somebody could sell something similar that picks up the digital and re-transmits as analog
Slashdot Mirror
Would your very large defense company employer actually let you sign into Google services?
I'd imagine that stuff like gmail/drive/etc are probably considered a liability.
It probably wouldn't be too hard to get the best of both worlds though. Allow users to authenticate with third-parties against Steam's OpenAPI equivalent to allow access to *their* data, while allowing anonymous data extracts to more global variables (e.g. how many discrete users are playing this game, age range, country, CPU/GPU etc) for unauthenticated services.
In the end, Steam is making money off of game (ok, and hat) sales, so they don't need to monetize your data in the same way that FB etc are, but that same data can still - if used correctly - be very useful to gamers and the industry at large if provided in a way that protects the privacy of the player.
You might also like Descent Underground, though it's not fully released yet it is slowly getting there:
https://www.youtube.com/watch?...
Yes, it was an intern in this case, but in reality it could have just as easily been a permanent FTE, a contractor, or whomever with an agenda.
I have the ZW2 as well. How's the battery life on yours? Mine seems very unpredictable as one day it'll be fine and the next it will chew through 3/4 of the battery by noon.
'Advertiser friendly' is anything that gets lots of attention, but isn't going to be the subject of a significant amount of negative publicity.
Nope. If they're visiting websites while logged in whole on-premises, then hopefully your other compensating controls (DNS filter, firewall, AV) can help deal with that. Not trusting the device initially is more to prevent things like:
a) Unauthorized devices in general attaching to your network (home device, infiltration devices, etc)
b) Machines that have left the premises (e.g. a laptop that may have been infected in the field outside the firewall etc)
c) Overall better identification and management of systems within an environment: knowing what and where.
No, but the usual points of concern aren't printers etc but users and their PC's. A printer doesn't go out and browse bad sites on the internet during work hours, users do.
Whitelist the printers. Blacklist any user PC until it's be validated. If you *CAN* validate the printers, even better!
Ditto here. Not to mention that the Ionic is a *joke* compared to what Pebble was releasing. Yeah, the early Pebble watches were plasticy, but the Time Steel 2 (which I was also on the kickstarter for) was a nice looking watch and would have had a color screen and approx a week of battery-life. There is *still* no watch that compares.
I've had a Huawei Fit (the B&W model) which was comparable in battery life but very lacking in features, and gone through various "Android Wear" watches which all have fairly shyte and not-to-mention inconsistent battery life.
Is it really too much to ask for a watch that looks nice, has decent features (message notifications from all apps, calendar, music control, faces, color), and lasts more than a day or two on battery?
It's interesting how Intel managed to downplay the AMT issues, which IMHO are more in-line with Spectre in most cases (a bit worse in effect, easier to patch apparently), but is now playing up Spectre to have it overshadow Meltdown...
Yeah. I think part of this shows an pretty big need to reassess the use and longevity of major industrial and medical devices in a connected world. I've seen local hospitals with XP devices etc as well but they're not connected to anything (even then there's a risk if people are using USB devices). Obviously there's a cost but it should be considered part of maintenance because a breach or a disabling worm could lead to catastrophic downtime.
Imagine if you've got some sort of very important medical device monitoring and keeping somebody alive and it suddenly goes down because of an attack against an unpatched exploit... scary shit.
It could, but obviously in the case of NHS and WannaCry they had a significant amount of machines running XP that were *not* air-gapped.
An air-gap also only works for network-layer stuff. Iran's centrifuges were air-gapped but still had available USB ports which allowed transmission by physical device. The devices in this case are only really safe if they never interact in any way with any other devices.
A stealth virus could work in much the same way. To be fair with that though, a modern OS still might bot be any proof against such a method if it's an unknown vulnerability/0-day. However, if you are running a consumer OS, then part of the process of acquiring equipment should be to ensure proper hardening, patching, and eventually everygreening (retirement) schedules. I'm not saying Linux etc would be better - plenty of people still on RHEL5 - but at least with an open driver and/or open software there's a better chance of moving it up to something more modern.
They "dispute" the figure of course.
Around the time of WannaCry
"A reported 90 percent of NHS trusts run at least one Windows XP device, an operating system Microsoft first introduced in 2001 and hasn't supported since 2014."
https://www.wired.com/2017/05/...
He does tend to call a fair number of thing shit. This is likely because that - given the potential number of contributers trying to push stuff into the kernel - a good portion of it *IS* shit.
they will buy AMD if they can't get nVidia cards for a reasonable price
They *would* if AMD cards were more reasonably available. They aren't. In fact, they're probably worse. I got an RX480 when they were relatively new over a year ago. Since then, the RX580's have come out. The 580's are perpetually out of stock, mostly due to miners. The 480's are similarly very hard to find and now cost more used than I paid new. I've seen Nvidia 1080's etc come on sale and go (very quickly) but very little from AMD-land except some comparatively shyte RX550's (which there's apparently some scandal about being rebranded 450's or whatever). The big issue for NVidia is not only is stock scarse, but the prices are still insanely high at retail, with 1080's going from $800-1200 (CAD).
Absolutely. I can't remember at exactly which version, but I found that after one upgrade to Wine suddenly a crapload of my windows games started to "just work". What's more, they would often run better under Wine than a native windows OS (or in some cases wouldn't install on a modern Windows at all).
Nicely done!
Spectre is pretty much anything with a modern chip, including Intel, AMD, and ARM. Some of the few exemptions were processors that don't do speculative/out-of-order execution. The only more recent hardware I've seen that's immune are the Raspberry Pi (in-order-execution) and some ARM hardware such as various Snapdragon or Cortex-A53/55. Some of the older Atom stuff is also safe because it doesn't do OOE, but Spectre will hit the majority of the rest.
Meltdown was quite certainly an Intel thing according all legit sources. It seem part of Intel's PR machine that somehow managed to group the two together even though they're quite separate vulnerabilities with quite different risk and effect factors.
Yup, and you definitely will issues that come from this. For example, testing.
Remember when a certain tech company's facial-tracking would not recognize people with dark skin. That can be pretty much attributed to a lack of diversity in the testing team.
There was also a recent hubbub about idevices' facial unlock between Asian co-workers. I've not heard that there's been a lot of cases with this, but if it were then it could again be attributable to a lack of diversity in testing.
That isn't to say that you *need* diversity in every group, not that you shouldn't hire the best candidates for a position, but sometimes diversity comes with its own benefits that might not be immediately visible from a more technical viewpoint.
Part of the concept there though is changing the culture to make it more attractive (or rather less unattractive) to females. There are certainly some legitimate and worthy goals in this area, but at the same time - like anything - the concept of "given an inch, they'll take a mile" will apply to some people who simple use it to further their personal agenda. Unfortunately in a lot of cases, there's a concept that "the majority" or "those at the top" are always wrong, which leads to a massive upheaval.
You see this often when governments are overthrown, only to be replaced with another corrupt form of government. Hell, a lot of that is what led to Trump being elected. He managed to get Hillary viewed as a symbol of the "corrupt elite" (which I won't disagree with) while somehow getting people to ignore his own corruption (which is worse).
Not to mention that most decent security products already do "dodgy destinations". One of the common methods is to intercept the DNS calls and re-inject them with an internal IP address, thus blocking attempts to hit the remote baddie but also allowing further capture of data.
Hell, I can (and have) do this with a raspberry pi for a select number of machines.
It wasn't useless, but it was definitely under-used (and hard to make use of). In the face of emerging modern VR, it looks like it's something that MS doesn't really want to sink a lot of money in anymore.
This is sad though, because even though the current VR stuff is great, I've often caught myself thinking that something like Kinect could augment it better. For example, most VR kits involve holding some sort of controller and/or vests, sensors etc to determine body motion. This is something Kinect did pretty good, and would pair nicely in a defined space. My understanding is that the more modern Kinect was also a lot better at seeing finer movements.
So instead of a controller, how about a headset combined with an external sensor like Kinect. The headset maps your in-game motion to what you see, and the Kinect maps motion of your limbs to the in-game character. That means you would have free arm/leg movement, possibly even some hand operations etc. The big problem would be that it likely would degrade when not facing the device, but if there were kinect-like devices built into the perimeter sensors (e.g. with Vive) that would hopefully be good enough to capture the majority of motion in various orientations.
Yeah, Kinect is cool but I really do *hate* the non-standard plug. I have most of my game stuff etc in a separate room with AV routed through an amp and then all the various plugs available on a wall plate with keystone jacks. That is, all the plugs except:
a) The older Gamecube-type controller for my wii (wiimotes are fine, and it otherwise has USB), so that's only for playing the older GC games
b) The sensor bar on the wii, not a huge issue as it's a 2-wire connection that can rather easily be rewired to either use something keystone-friendly or local power
c) That damn oddball Kinect plug
Everything else uses standard keystones for USB, HDMI, ethernet or AV, but I have never been able to find a Kinect keystone. I even considered trying to print something once. Eventually I gave up and just put a pop-out receptacle in behind the TV. But a keystone would have been nice. Sad to hear that even XBone didn't use a proper connector. Given that you can drive monitors and fairly power-hungry devices from USB3 I'm fairly sure it would have been sufficient to juice up the Kinect.
PS4 has an established lineup of games. The Switch is just getting warmed up there.
Games and the gaming experience sell consoles, not just fast processors
For a long time people used FM transmitters to broadcast their MP3 players, etc to the local radio. I wonder if somebody could sell something similar that picks up the digital and re-transmits as analog
Yup. I think that recently happened to Manitoba.
http://www.newswire.ca/news-re...