OK, apart from this Levy guy being a tier one nut job, and his goal is primarily to get more powers and money after showing repeated signs of incompetence, what kind of attack does he expect?
Maybe something that exposes important information to the public that would totally destroy confidence in a government or institution?
Yep. Someone up high here had also read about SCRUM and asked why we don't use it. I told him that SCRUM makes no sense if you have only one developer (me) in that area of expertise. He asked why I could not team up for this with my co-workers from the PC software development department. I am not sure if I really convinced him that programming FPGAs in VHDL is a tad different from using C# on a windows PC.
We are in a small niche market. There may be a dozen people in this world with my specialized skill set, and half of them speak Chinese. New owner threw out my last co-worker for financial reasons, so I'm all alone in my department. If I go, the company is history. Same if I'm run over by a bus. I'm telling them for years now that they need to hire someone, even fresh from university, not only to bring fresh skills, but for me to transfer my knowledge and experience, and to have a backup just in case. For the last project, they hired a freelance to help me. I taught him everything necessary to help me with the job, he managed so-so, as it was a leaning experience for him, but he learned a lot, and would do better on the next project. But he is a freelancer and not an employee, and he is even older than me.
Yep. Web-everything is not a solution. My "Central Unit" can control up to 16k clients, has two different filesystems, a RAM-based database with TCP/IP interface, audio-streaming over TCP/IP and a text-based interface over Serial and TCP/IP. All this on a 60MHz ARM chip. The unit can be controlled by a small display with about 50 settings screens, or by an external application that controls the unit via the database interface.
And then product management came and said we need a Web interface to replace the need for an external control application. On this box. The RAM and the program flash is about 90% full...
Yep. I'm working in an environment where OO is either completely unsupported (VHDL), or useless (small embedded systems). If your processor only has 2K (yes, K!) of RAM, and everything is so tight that the bytes have to stand up in memory as there is no place for them to sit down, OO is a no-go.
For a big company with thousands of employees, this is fine. For a small company with 20 or 50 employees, this is a royal pain. You need one or two people permanently assigned to deal with ISO9000, and you need to have most of the software used in the company extended to support it. And sadly, quite a number of customers are so dumb that they demand this, just because someone told them to go for it.
And having an ISO9000 certificate does not guarantee a good, safe, or high quality product. Under ISO9000 you can produce life-jackets made from concrete. The ISO9000 certificate only guarantees that the quality of the concrete is sufficiently controlled and managed.
We have a product where usually 50 units are held in a combined charging and transport box, The product itself was redesigned with a new case, so we needed a new charging and transport box for. This was outsourced to China. We gave them every information they needed, including data for the old units transport/charging box (so they only had to copy the charging part). What we got in the end was two boxes: A charging box that could not be used for transport (if the units were in the box, the lid would not close), and a transport box (without charging facility).
Sorry, it may sound a bit harsh, but this *is* a stupid idea. Different platforms have different abilities and are built and designed for different purposes.
To accomplish a "works everywhere" approach, every platform would have to have all abilities. To use the phone app on your desktop PC, it would need the proper hardware. How much sense would that make? Or a GPS in the same desktop system? Likewise, how do you put a quad-output video card into a mobile phone?
This is a pipe dream of people who only work with software, and totally forget that it needs hardware to run on.
It is still a criminal offense when seen from other countries. Basically, it shows again that an American-based company is not trustworthy.for storing any data at all.
As part of a programming assignment I wrote two programs for finding primes.
The first one using a moving window technique. Lets say my window size is 100, so I fill in the numbers 1 to 100 into the window, do my sieve job on this, get the primes I got so far and put them in a list, and fill the window with the numbers 101 to 200, run them through the primes I got and then through whatever remains, extract the primes and add them to the list, etc...
The second was an instant filter system, i.e. I've got a list of tuples, each list element has a prime and a multiple of it, and my sieve table size is one, i.e. a counter. Lets say my list is A=(2,2) and B=(3,3), my counter is 4. While A2 is less than counter do A2 =A2+A1. A2 is now equal to A2, so counter is not prime. Next counter is 5, While A2 is smaller than counter do A2 = A2+A1, A2 is now bigger than counter, so it passes test A, while B2 is smaller than counter do B2=B2+B1, B2 is now bigger than counter, so it passes test B. End of prime list reached, so counter is prime. Create new tuple C(5,5) and add it to the list. Big advantage: No multiplications involved, the process of doing the while loop can be improved by using bit-shifted versions of the prime, so I only have additions, comparisons and bit shifts to deal with, which is easy and fast to implement with long integer implementations. And I need only to store the primes it found and their multiples, and the memory usage is very local and cache friendly.
Just out of curiosity I'd like to see their algorithm. Because some algorithms from math/CS look good on paper and are proven to run comparatively fast on a ideal Turing machine, but produce laughable results in real-life tests...
"IOS7 is now waterproof", "IOS8 enables fast charging in the microwave", "Set your IPhone date back to Jan 1st, 1970 to see a great surprise after rebooting",...
Yes indeed, it looks like a certain stupidity helps to stomach Apple products.
Thats it. If a system is build to permit abuse, it will be abused. If they want to make a "blockchain" that can be "edited", it is not a blockchain, but abuses the blockchain name for fraudulent uses.
If a record in a blockchain is wrong, just add a clearly marked correction record at the end, and that's it. No need to "edit" a blockchain, and the error and its corrections are visible and can be accounted for.
"The public narrative popularized by Snowden and his allies is rife with falsehoods, exaggerations, and crucial omissions," Sounds like a murderer who was found with bloody weapon and hands at the crime scene, who screams "every but me is a liar!" in court.
On the other hand, the narrative popularized by the U.S. House intelligence committee and the TLAs is not even worse, but its actions are also directed against the law and the rights of the citizens, and billions of innocent people worldwide.
Everyone who has the slightest idea about how electronic voting works is against it. And for good reason, as electronic voting is against many basic principles of a democratic voting process.
It is completely pointless to cry "Russia wants to manipulate the vote!", because a lot of interested parties want to do this, and pointing at Russia (or China, or the aliens) is just about distracting attention from the problem that electronic ballots make an election easy to manipulate. And it is not that US politics would need an outside force to manipulate votes, after all, Gerrymandering is an American invention.
Basically, both sides are upping the ante in case they lose, so the loser can say "Everybody knows that Russia (or whoever) wanted to manipulate the ballots to make the other side win", and start a court battle of recounts and repeat elections which would make the "battle" between Bush and Al Gore look like a friendly exchange of pats on the back.
The only way out of this shit is basically to stop any electronic voting, and return to the good old ballot papers. They are damn hard to manipulate, and easy to control for anybody. The initial results might not be there in time for the evening news, and some recounts might draw the time frame to get final results even further, but at least there won't be court battles and forensic analysis of thousands of voting machines to prove in endless court battles that this or that party tried to manipulate the votes.
Electronic voting is one of the most stupid ideas that politicians have croaked up so far. And that means a lot, even after gerrymandering, lobbyism, and two-party-systems.
Electronic voting is basically outright stupid. You cannot control if your vote was really counted, or if it was counted for the correct party or candidate. Votes can be manipulated by inside jobs or hacking, and with a political voting result being a very profitable target, and the voting machines safety and security record far from being unblemished, voting fraud is a very interesting goal for many, not only political, parties.
The problem is that electronic voting cannot fulfill the legal and philosophical demands for a democratic voting. This is not a failure of the planners, programmers, or hardware developers, this is system inherent, as many aspects cannot be implemented correctly without invalidating other important aspects of the same.
Now there is this totally broken idea and they want make it available online, opening the doors to fraud and abuse even wider.
That's what the "Five Eyes" group is primarily for: Hacking citizens in other countries, for those countries.
So the US spy agencies can not "work" on American citizens without a lot of legal problems. They might suspect someone, but the evidence is weak, to weak to use the normal, legal ways to find out more. So they ask their friends, e.g. the Australians: Could you please hack this guy? For the Aussies, this guy is a foreigner and therefor a legal target. If they find something that would make the person report-worthy, they hand back their finds to the US as in "This guy has been reported to us by a foreign law enforcement agency as part of their investigations". And the US suddenly has the evidence it needs to proceed further.
And the next time that the Australian agencies have someone they need investigated, they turn to the US and ask for a similar favor. Avoiding the law and denying legal due process is just a phone call away today. And while catching a terrorist or child molester is a worthy cause, the laws protecting the citizens due rights are there for a reason.
and told me about this new program, Arena, which was "a kind of gopher, but with hypertexts". It was horribly slow, but it worked, and it was a miracle!
They don't need a proper court order to force the cloud providers turning over the data. All they need is a "National Security Letter", then the cloud provider has to drop its pants and bend over. No nasty court order necessary. Forget "Due Cause" and "Fourth Amendment", that's a thing of a past long gone.
One important aspect of all the primarily American underwear sniffing is that the US services also do business espionage as part of their mission, as they see an strategic asset in this. And they supply American companies with results from these actions, like Boeing, who got information on Airbus contracts to undermine bids.
So with some cloud providers willingly spreading their legs to be raped by the TLAs, for a non-US company to put business to put data in a cloud system could be considered gross neglect or even willful damaging.
One of the things I liked in Win8.1 was the ability to limit my children's login time and web access, and I could prevent them from using certain software on the machine like the banking software.
With Win10, Family Safety has gone through the chimney. According to the net, I would have to use Microsoft accounts for all of us to be able to use something like the old Family Safety feature, but in good old Microsoft security manner, the kids would be able to just disable the whole package at login. WTF! On top of that, it would not work like the old system, as some features like "give them another 15 minutes once to finish what they were doing" do not exist anymore.
The safety of it reminds me of Microsoft Bob - if you entered your password wrong three times, it asked something like "You seem to have forgotten your password - do you want to set a new one?"
actual buttons where there is something to press. Grey on grey without border doesn't fucking count. I have to click at random on your stupid shit of a user interface to figure out where the buttons are and where the comments are yah fucking cunts.
Yep. They totally forgot their own rules here, and the number one rule when it comes to UIs: What does a UI and a joke have in common? - If you have to explain it, it missed the point.
Slashdot Mirror
OK, apart from this Levy guy being a tier one nut job, and his goal is primarily to get more powers and money after showing repeated signs of incompetence, what kind of attack does he expect?
Maybe something that exposes important information to the public that would totally destroy confidence in a government or institution?
Yep. Someone up high here had also read about SCRUM and asked why we don't use it. I told him that SCRUM makes no sense if you have only one developer (me) in that area of expertise. He asked why I could not team up for this with my co-workers from the PC software development department. I am not sure if I really convinced him that programming FPGAs in VHDL is a tad different from using C# on a windows PC.
We are in a small niche market. There may be a dozen people in this world with my specialized skill set, and half of them speak Chinese. New owner threw out my last co-worker for financial reasons, so I'm all alone in my department. If I go, the company is history. Same if I'm run over by a bus. I'm telling them for years now that they need to hire someone, even fresh from university, not only to bring fresh skills, but for me to transfer my knowledge and experience, and to have a backup just in case. For the last project, they hired a freelance to help me. I taught him everything necessary to help me with the job, he managed so-so, as it was a leaning experience for him, but he learned a lot, and would do better on the next project. But he is a freelancer and not an employee, and he is even older than me.
Yep. Web-everything is not a solution. My "Central Unit" can control up to 16k clients, has two different filesystems, a RAM-based database with TCP/IP interface, audio-streaming over TCP/IP and a text-based interface over Serial and TCP/IP. All this on a 60MHz ARM chip. The unit can be controlled by a small display with about 50 settings screens, or by an external application that controls the unit via the database interface.
And then product management came and said we need a Web interface to replace the need for an external control application. On this box. The RAM and the program flash is about 90% full...
Yep. I'm working in an environment where OO is either completely unsupported (VHDL), or useless (small embedded systems). If your processor only has 2K (yes, K!) of RAM, and everything is so tight that the bytes have to stand up in memory as there is no place for them to sit down, OO is a no-go.
ISO 9000
For a big company with thousands of employees, this is fine. For a small company with 20 or 50 employees, this is a royal pain. You need one or two people permanently assigned to deal with ISO9000, and you need to have most of the software used in the company extended to support it. And sadly, quite a number of customers are so dumb that they demand this, just because someone told them to go for it.
And having an ISO9000 certificate does not guarantee a good, safe, or high quality product. Under ISO9000 you can produce life-jackets made from concrete. The ISO9000 certificate only guarantees that the quality of the concrete is sufficiently controlled and managed.
Or anywhere else where it does not belong.
We have a product where usually 50 units are held in a combined charging and transport box, The product itself was redesigned with a new case, so we needed a new charging and transport box for. This was outsourced to China. We gave them every information they needed, including data for the old units transport/charging box (so they only had to copy the charging part). What we got in the end was two boxes: A charging box that could not be used for transport (if the units were in the box, the lid would not close), and a transport box (without charging facility).
Sorry, it may sound a bit harsh, but this *is* a stupid idea. Different platforms have different abilities and are built and designed for different purposes.
To accomplish a "works everywhere" approach, every platform would have to have all abilities. To use the phone app on your desktop PC, it would need the proper hardware. How much sense would that make? Or a GPS in the same desktop system? Likewise, how do you put a quad-output video card into a mobile phone?
This is a pipe dream of people who only work with software, and totally forget that it needs hardware to run on.
It is still a criminal offense when seen from other countries. Basically, it shows again that an American-based company is not trustworthy.for storing any data at all.
A ship for 100 people is to small, Congress has 435 members. And you don't want to send them to Mars, anyway.
As part of a programming assignment I wrote two programs for finding primes.
The first one using a moving window technique. Lets say my window size is 100, so I fill in the numbers 1 to 100 into the window, do my sieve job on this, get the primes I got so far and put them in a list, and fill the window with the numbers 101 to 200, run them through the primes I got and then through whatever remains, extract the primes and add them to the list, etc...
The second was an instant filter system, i.e. I've got a list of tuples, each list element has a prime and a multiple of it, and my sieve table size is one, i.e. a counter. Lets say my list is A=(2,2) and B=(3,3), my counter is 4. While A2 is less than counter do A2 =A2+A1. A2 is now equal to A2, so counter is not prime. Next counter is 5, While A2 is smaller than counter do A2 = A2+A1, A2 is now bigger than counter, so it passes test A, while B2 is smaller than counter do B2=B2+B1, B2 is now bigger than counter, so it passes test B. End of prime list reached, so counter is prime. Create new tuple C(5,5) and add it to the list. Big advantage: No multiplications involved, the process of doing the while loop can be improved by using bit-shifted versions of the prime, so I only have additions, comparisons and bit shifts to deal with, which is easy and fast to implement with long integer implementations. And I need only to store the primes it found and their multiples, and the memory usage is very local and cache friendly.
Just out of curiosity I'd like to see their algorithm. Because some algorithms from math/CS look good on paper and are proven to run comparatively fast on a ideal Turing machine, but produce laughable results in real-life tests...
"IOS7 is now waterproof", "IOS8 enables fast charging in the microwave", "Set your IPhone date back to Jan 1st, 1970 to see a great surprise after rebooting", ...
Yes indeed, it looks like a certain stupidity helps to stomach Apple products.
Thats it. If a system is build to permit abuse, it will be abused. If they want to make a "blockchain" that can be "edited", it is not a blockchain, but abuses the blockchain name for fraudulent uses.
If a record in a blockchain is wrong, just add a clearly marked correction record at the end, and that's it. No need to "edit" a blockchain, and the error and its corrections are visible and can be accounted for.
Have you seen the "<iframe allowfullscreen>" tag? Seems to be a marketeers wet dream. And every web users nightmare.
"The public narrative popularized by Snowden and his allies is rife with falsehoods, exaggerations, and crucial omissions," Sounds like a murderer who was found with bloody weapon and hands at the crime scene, who screams "every but me is a liar!" in court.
On the other hand, the narrative popularized by the U.S. House intelligence committee and the TLAs is not even worse, but its actions are also directed against the law and the rights of the citizens, and billions of innocent people worldwide.
Everyone who has the slightest idea about how electronic voting works is against it. And for good reason, as electronic voting is against many basic principles of a democratic voting process.
It is completely pointless to cry "Russia wants to manipulate the vote!", because a lot of interested parties want to do this, and pointing at Russia (or China, or the aliens) is just about distracting attention from the problem that electronic ballots make an election easy to manipulate. And it is not that US politics would need an outside force to manipulate votes, after all, Gerrymandering is an American invention.
Basically, both sides are upping the ante in case they lose, so the loser can say "Everybody knows that Russia (or whoever) wanted to manipulate the ballots to make the other side win", and start a court battle of recounts and repeat elections which would make the "battle" between Bush and Al Gore look like a friendly exchange of pats on the back.
The only way out of this shit is basically to stop any electronic voting, and return to the good old ballot papers. They are damn hard to manipulate, and easy to control for anybody. The initial results might not be there in time for the evening news, and some recounts might draw the time frame to get final results even further, but at least there won't be court battles and forensic analysis of thousands of voting machines to prove in endless court battles that this or that party tried to manipulate the votes.
Electronic voting is one of the most stupid ideas that politicians have croaked up so far. And that means a lot, even after gerrymandering, lobbyism, and two-party-systems.
Electronic voting is basically outright stupid. You cannot control if your vote was really counted, or if it was counted for the correct party or candidate. Votes can be manipulated by inside jobs or hacking, and with a political voting result being a very profitable target, and the voting machines safety and security record far from being unblemished, voting fraud is a very interesting goal for many, not only political, parties.
The problem is that electronic voting cannot fulfill the legal and philosophical demands for a democratic voting. This is not a failure of the planners, programmers, or hardware developers, this is system inherent, as many aspects cannot be implemented correctly without invalidating other important aspects of the same.
Now there is this totally broken idea and they want make it available online, opening the doors to fraud and abuse even wider.
And the ultimative scurity update for win7 / win 8 will be the update to win10.
One day, this "cumulative update" will leave the PC as a win10 machine.
That's what the "Five Eyes" group is primarily for: Hacking citizens in other countries, for those countries.
So the US spy agencies can not "work" on American citizens without a lot of legal problems. They might suspect someone, but the evidence is weak, to weak to use the normal, legal ways to find out more. So they ask their friends, e.g. the Australians: Could you please hack this guy? For the Aussies, this guy is a foreigner and therefor a legal target. If they find something that would make the person report-worthy, they hand back their finds to the US as in "This guy has been reported to us by a foreign law enforcement agency as part of their investigations". And the US suddenly has the evidence it needs to proceed further.
And the next time that the Australian agencies have someone they need investigated, they turn to the US and ask for a similar favor. Avoiding the law and denying legal due process is just a phone call away today. And while catching a terrorist or child molester is a worthy cause, the laws protecting the citizens due rights are there for a reason.
and told me about this new program, Arena, which was "a kind of gopher, but with hypertexts". It was horribly slow, but it worked, and it was a miracle!
They don't need a proper court order to force the cloud providers turning over the data. All they need is a "National Security Letter", then the cloud provider has to drop its pants and bend over. No nasty court order necessary. Forget "Due Cause" and "Fourth Amendment", that's a thing of a past long gone.
One important aspect of all the primarily American underwear sniffing is that the US services also do business espionage as part of their mission, as they see an strategic asset in this. And they supply American companies with results from these actions, like Boeing, who got information on Airbus contracts to undermine bids.
So with some cloud providers willingly spreading their legs to be raped by the TLAs, for a non-US company to put business to put data in a cloud system could be considered gross neglect or even willful damaging.
One of the things I liked in Win8.1 was the ability to limit my children's login time and web access, and I could prevent them from using certain software on the machine like the banking software.
With Win10, Family Safety has gone through the chimney. According to the net, I would have to use Microsoft accounts for all of us to be able to use something like the old Family Safety feature, but in good old Microsoft security manner, the kids would be able to just disable the whole package at login. WTF! On top of that, it would not work like the old system, as some features like "give them another 15 minutes once to finish what they were doing" do not exist anymore.
The safety of it reminds me of Microsoft Bob - if you entered your password wrong three times, it asked something like "You seem to have forgotten your password - do you want to set a new one?"
actual buttons where there is something to press. Grey on grey without border doesn't fucking count. I have to click at random on your stupid shit of a user interface to figure out where the buttons are and where the comments are yah fucking cunts.
Yep. They totally forgot their own rules here, and the number one rule when it comes to UIs: What does a UI and a joke have in common? - If you have to explain it, it missed the point.