There was a time not too long ago when malware could be dealt with by "simply" reinstalling the OS. Now malware can infect your PC's firmware, your USB sticks' and hard drives' firmware, make your graphics card go up in flames, and brick your motherboard.
This is a UEFI problem. A person can avoid typing "rm -rf/" but a malicious user should not be able to destroy your system.
Not that UEFI isn't catastrophically broken, but reading TFA, in this case the real problem seems to be the way it is implemented on some motherboards (TFA mentions "some MSI notebooks" without specifying further)
The problem is UEFI is so complex that many manufacturers make a lousy implementation with a lot of copy-paste code (from Intel's reference implementation). Their QA process seems to be something like, "Does Windows boot? If it does, then it must be ok."
Of course, manufacturers should be blamed for their mistakes, but if UEFI were simpler, there would be less room for mistakes.
Besides, the real question here I think is: Why don't these motherboards have a ROM backup that can be used to restore and boot the boards after catastrophic failure of their saved state?
Yes, that is where the focus should be.
They should have had a jumper or something that resets the UEFI to default.
Could you imagine if a two-week-old hire had told the boss, the owner, the code author (but bad, bad code), and the absolute authority what that programmer told me, today? I mean, I can only go by what I read from posts from people like you. Can you imagine what would have happened had they told the boss that code comments go in the code and not on a coffee soaked index card and referred to the boss as an asshole?
That means he respected you (and the fact that you didn't fire him indicates you respected him)
Low-level technology like this is frequently the source of "cascading failure" that can endanger people or property.
For instance, we have many USB-to-Serial devices installed in chains that capture weight readings from industrial scales. If this suddenly and inobtrusively starts causing that measurement data to be misaligned in the output, those weight readings could be transmitted to shippers who may or may not re-weigh the product based on our volume. In the worst case scenario, something like this could be done as the last check-weight for loading an aircraft -- a weight-critical application where getting it wrong can cause a tail-strike on takeoff.
If a single USB-to-Serial mis-reading can cause a disaster, then disaster is coming. It's a matter of if, not when.
It might not be a malicious driver that causes disaster - it could be a programmer error, or a hardware fault.
If a design relies on a single point of failure, then the designer is at fault. End of story.
Does Twitter often shut down accounts? After a Google search, the only thing I can find is shutting down spam accounts, and a bunch of accounts connected to ISIS.
My guess is Twitter wouldn't shut down your account unless you actively tweet harassment to another user, or something similar.
I don't want to read though Trump's twitter feed, but I would guess his tweets are hyperbolic at worst, and the author doesn't link to any tweets that deserve account deletion.
That would be the end of it in the civilian world (at worst, she would face a civil lawsuit for revealing trade secrets).
Since she was working for the government, she might end up a convict.
Some Latin American countries copied both the European way and the American way, so you might see a sign for a burger that is 12.32, next to a sign for a car that is 12.476
It's kind of a problem with working in the government. Things that can get you fired elsewhere get you in jail.
Run your own mail server with lousy security? At work, it might get you fired.
Same thing with Terry Childs.....at another job, he would have been fired. Working for the government, he was put in jail.
Another thing: it would be kind of cool if they journal system worked better. For example, if comments could be enabled for longer periods of time. I have a series of posts in my journal, and it would be cool if people could comment on them for a longer period of time.
There was a time not too long ago when malware could be dealt with by "simply" reinstalling the OS. Now malware can infect your PC's firmware, your USB sticks' and hard drives' firmware, make your graphics card go up in flames, and brick your motherboard.
This is a UEFI problem. A person can avoid typing "rm -rf /" but a malicious user should not be able to destroy your system.
Not that UEFI isn't catastrophically broken, but reading TFA, in this case the real problem seems to be the way it is implemented on some motherboards (TFA mentions "some MSI notebooks" without specifying further)
The problem is UEFI is so complex that many manufacturers make a lousy implementation with a lot of copy-paste code (from Intel's reference implementation). Their QA process seems to be something like, "Does Windows boot? If it does, then it must be ok."
Of course, manufacturers should be blamed for their mistakes, but if UEFI were simpler, there would be less room for mistakes.
Besides, the real question here I think is: Why don't these motherboards have a ROM backup that can be used to restore and boot the boards after catastrophic failure of their saved state?
Yes, that is where the focus should be.
They should have had a jumper or something that resets the UEFI to default.
But don't worry, systemd team plans to completely replace everything in /etc so it can be empty and clean.
The problem is that UEFI missed the KISS principal and is basically an OS itself.
Yeah, agreed.
Security researchers looked at the complexity of EFI and said, "Anything so complex has to be insecure." They were right.
The question was "what is the point of continuing working on Hurd?" not "why should I use Hurd?"
Could you imagine if a two-week-old hire had told the boss, the owner, the code author (but bad, bad code), and the absolute authority what that programmer told me, today? I mean, I can only go by what I read from posts from people like you. Can you imagine what would have happened had they told the boss that code comments go in the code and not on a coffee soaked index card and referred to the boss as an asshole?
That means he respected you (and the fact that you didn't fire him indicates you respected him)
Low-level technology like this is frequently the source of "cascading failure" that can endanger people or property. For instance, we have many USB-to-Serial devices installed in chains that capture weight readings from industrial scales. If this suddenly and inobtrusively starts causing that measurement data to be misaligned in the output, those weight readings could be transmitted to shippers who may or may not re-weigh the product based on our volume. In the worst case scenario, something like this could be done as the last check-weight for loading an aircraft -- a weight-critical application where getting it wrong can cause a tail-strike on takeoff.
If a single USB-to-Serial mis-reading can cause a disaster, then disaster is coming. It's a matter of if, not when.
It might not be a malicious driver that causes disaster - it could be a programmer error, or a hardware fault.
If a design relies on a single point of failure, then the designer is at fault. End of story.
Those drones look like batteries with propellers.
Why not? People are making it for free. There's actually a wiki devoted to OSes, and there are quite a lot of them. Working on a kernel is fun.
These are the advantages and challenges of the GNU kernel. If you want to understand why people like the Hurd kernel, I would suggest reading that.
Then look at "her" profile picture because some things are not as they seem.
She writes a vague blog post
Look at his profile pic, it's in the article.
Your link doesn't even go to someone whose account was deleted or deactivated. It tells the story of a bunch of idiots harassing each other.
Twitter shuts down and "unverifies" (allowing others to pose as you) accounts all the time.
[citation needed]
Does Twitter often shut down accounts? After a Google search, the only thing I can find is shutting down spam accounts, and a bunch of accounts connected to ISIS.
My guess is Twitter wouldn't shut down your account unless you actively tweet harassment to another user, or something similar.
I don't want to read though Trump's twitter feed, but I would guess his tweets are hyperbolic at worst, and the author doesn't link to any tweets that deserve account deletion.
She no longer has the job so she can't be fired.
That would be the end of it in the civilian world (at worst, she would face a civil lawsuit for revealing trade secrets).
Since she was working for the government, she might end up a convict.
Some Latin American countries copied both the European way and the American way, so you might see a sign for a burger that is 12.32, next to a sign for a car that is 12.476
How is one to magically know what's supposed to be classified?
You receive training when you gain a security clearance.
It's not "self-classifying"
A lot of stuff is self-classifying. It's kind of dumb IMO, and a lot of things get classified that shouldn't be, but that's how it is.
Ron Paul is probably the same, but he has no chance so it doesn't matter.
Yeah, especially since he retired.
the server (which was hacked by China and Russia.)
How do we know this?
"Democracy doesn't guarantee good government......it guarantees the government you deserve."
It's kind of a problem with working in the government. Things that can get you fired elsewhere get you in jail.
Run your own mail server with lousy security? At work, it might get you fired.
Same thing with Terry Childs.....at another job, he would have been fired. Working for the government, he was put in jail.
Again, just my opinion, but the UI is absolutely NOT the weak point for Microsoft. Apps are.
I agree with you completely.
Another thing: it would be kind of cool if they journal system worked better. For example, if comments could be enabled for longer periods of time. I have a series of posts in my journal, and it would be cool if people could comment on them for a longer period of time.
That seems........improbable.