I have the exact same symptom using the -109 update, i.e., attempting to boot that kernel ends up doing a system reboot. Said reboot happens after I've successfully entered my full disk encryption password.
A simple "emergency beacon" is a reasonable requirement. Having that same cellular radio be able to provide user input to critical vehicle systems? Bad idea.
Nobody wants to thing they'll be the driver who runs off the edge of the road into a ravine in the middle of the night with no one around. But if it happened to be me, I'd be glad of the automatic emergency beacon.
Could the extra attention on GitHib be due to developers being very lax about having licenses applied to the work there? I'm not hearing here about a similar plague at SourceForge, which has always required there to be a license for every project.
It sounds to me like the CEOs have been eating their Wheaties and reading up on their Ayn Rand...
Seriously, though, I love how the letter makes it sound like all the brouhaha is coming from a "concerted publicity campaign by some advocacy groups". I just looked at the FCC's public docket for response to Wheeler's previous proposal, and there are at least 10,000 responses. Even my state of Tennessee, not necessarily the most friendly to to Federal regulation, had 500 comments. I looked at a random sampling from TN, and couldn't find one posting with any particular love for the current regime of large ISPs. Words like "oligarchy" and "monopoly" were quite common.
I find this disturbing. I'm a latecomer to the Android phenomenon. As it turns out, I bought my daughter a Pantech Marauder phone (http://www.pantechusa.com/phones/marauder) in late 2012, which runs 4.1-JellyBean, and my sons just received Kurio 7 tablets for Christmas (4.0-IceCreamSandwich). Both devices are unlikely ever to get an official update to 4.2+. As far as I can tell, the patch in Android 4.2 is described here: https://developer.android.com/...
"WebView.addJavascriptInterface requires explicit annotations on methods for them to be accessible from Javascript"
Google appears to have treated this as an API issue. I.e., "the API up to 4.1 was insecure. We now will require method annotations going forward for the JS to execute them." I could care less if backporting this change to earlier versions broke a bunch of apps. It's an easy enough change for those apps to go and insert the explicit annotations. I think Google has made a conscious choice here to not cause apps to break in the name of security, so that their platform can appear to be "more stable".
In fact, at least when it comes to the web presence of anything to purports to be a journal, one Web of Trust site would already be up to the task, with browser plugins available. Users just need to crank down the "Trustworthiness" know on any flim-flam journal site they come across. One just needs to hope that hordes of creationists and climate-change deniers don't then start gaming this for their own agendas.
I've looked over the comments on this thread with frustration, seeing that the conversation swiftly derailed into being *just* about Crypto. The MCTL covers all areas of technology that may be deemed militarily critical. It is not really possible to find a publicly hosted.gov or.mil site that gives much info any more, but this university page stills shows the 20 areas covered: http://www.wright.edu/rsp/Security/T1threat/Mctl.htm , including things like space systems and nuclear technologies.
Ubuntu's current practice is a 5 year term for LTS. Microsoft's 10 years leads to supporting pretty ancient stuff (in Internet time, anyway). They were forced to extend XP support all the way to 13 years since Vista and Windows 7 can't run reasonably on a lot of the hardware that XP was happy on.
For the previous decade, I personally think 5-8 years somewhere is a good LTS term for operating systems and kernels.
Now that CPU's aren't really getting faster, just more cores and energy efficiency, perhaps 10-20 years may again be reasonable.
As a true conspiracy nut, I would not put it past 1. the FBI to have gotten its data from Blue Toad or 2. Blue Toad covering up for the FBI.
Exactly. The FBI doesn't have to have gotten the data directly from Apple or NSA hackers or somesuch. However, you can't discount that the hackers might have been motivated to lie in order to smear the FBI, too.
Advertisers and sites that depend on them don't want to admit that choosing to use a certain browser and allowing itts default settings *is* a choice. They are also free to request the user to turn DNT off before they serve up key features.
They apparently *really* don't like the idea of having to explicitly ask, "can I follow you wherever you go after this"?
Not to belabor the obvious. This is one reason open source, over time, is more secure that closed source. Which would you rather rely on, software that has source code anybody can look at, or software that only the development company and the military of the world's sole superpower can look at?
Of course, nefarious elements can put subtle security bugs in open source projects, but one hopes over time that the community is able to find and eliminate them.
Full Disclosure
I had a free classic original Zune from my days as a Microsoft SDE. I ripped my 300+ CD collection to it, and loved it, never having owned an iPod, but seeing it as vastly better than my old crappy MP3 player. I longed for a "Zune" equivalent to the iPhone. When it was announced, I saw Windows Phone as the natural way to have consolidate my Zune with a my cell phone.
I am on Verizon, so I am stuck with a single model, the HTC Trophy. I love it, and my only complaint I ever have about it is this: Everywhere I look, apps are written for the more successful iPhone and Android platforms. It seems that except where Microsoft has ponied up some cash for the effort, the more popular apps don't get ported to it.
I have an unlimited 3G plan with Verizon Wireless for my smartphone, and this made me curious. Verizon has a nearly identical throttling policy: http://goo.gl/RIXbF
Actually, you'll have to wait almost 29 years on average to get any bitcoins, since a successful bitcoin block creation mints 50 BTC at a time. If you want to see bitcoins added to your wallet on a regular basis, you'll have to join up with a mining collective, such as DeepBit.
Slashdot Mirror
I have the exact same symptom using the -109 update, i.e., attempting to boot that kernel ends up doing a system reboot. Said reboot happens after I've successfully entered my full disk encryption password.
A simple "emergency beacon" is a reasonable requirement. Having that same cellular radio be able to provide user input to critical vehicle systems? Bad idea. Nobody wants to thing they'll be the driver who runs off the edge of the road into a ravine in the middle of the night with no one around. But if it happened to be me, I'd be glad of the automatic emergency beacon.
Could the extra attention on GitHib be due to developers being very lax about having licenses applied to the work there? I'm not hearing here about a similar plague at SourceForge, which has always required there to be a license for every project.
Sounds like a serious threat. Better cave.
It sounds to me like the CEOs have been eating their Wheaties and reading up on their Ayn Rand... Seriously, though, I love how the letter makes it sound like all the brouhaha is coming from a "concerted publicity campaign by some advocacy groups". I just looked at the FCC's public docket for response to Wheeler's previous proposal, and there are at least 10,000 responses. Even my state of Tennessee, not necessarily the most friendly to to Federal regulation, had 500 comments. I looked at a random sampling from TN, and couldn't find one posting with any particular love for the current regime of large ISPs. Words like "oligarchy" and "monopoly" were quite common.
Sounds like the leaders of the ISPs have been reading a lot of Ayn Rand lately...
TFA mentioned these advantages of the C-family as well.
... Websites are now designed with little/no graceful degradation. ...
Whatever happened to designing for accessibility?
"WebView.addJavascriptInterface requires explicit annotations on methods for them to be accessible from Javascript"
Google appears to have treated this as an API issue. I.e., "the API up to 4.1 was insecure. We now will require method annotations going forward for the JS to execute them." I could care less if backporting this change to earlier versions broke a bunch of apps. It's an easy enough change for those apps to go and insert the explicit annotations. I think Google has made a conscious choice here to not cause apps to break in the name of security, so that their platform can appear to be "more stable".
You mean an ATO, obviously.
In fact, at least when it comes to the web presence of anything to purports to be a journal, one Web of Trust site would already be up to the task, with browser plugins available. Users just need to crank down the "Trustworthiness" know on any flim-flam journal site they come across. One just needs to hope that hordes of creationists and climate-change deniers don't then start gaming this for their own agendas.
I've looked over the comments on this thread with frustration, seeing that the conversation swiftly derailed into being *just* about Crypto. The MCTL covers all areas of technology that may be deemed militarily critical. It is not really possible to find a publicly hosted .gov or .mil site that gives much info any more, but this university page stills shows the 20 areas covered: http://www.wright.edu/rsp/Security/T1threat/Mctl.htm , including things like space systems and nuclear technologies.
Ubuntu's current practice is a 5 year term for LTS. Microsoft's 10 years leads to supporting pretty ancient stuff (in Internet time, anyway). They were forced to extend XP support all the way to 13 years since Vista and Windows 7 can't run reasonably on a lot of the hardware that XP was happy on.
For the previous decade, I personally think 5-8 years somewhere is a good LTS term for operating systems and kernels.
Now that CPU's aren't really getting faster, just more cores and energy efficiency, perhaps 10-20 years may again be reasonable.
Are there any distributions that are known to plan on using this? Debian would be a natural fit, I suppose.
I'm surprised. I thought 8.04 LTS, 10.04 LTS, 12.04 LTS & 12.10 were the only currently supported releases.
David Brin often discusses the solution to this on his blog: Watch the watchers. http://davidbrin.blogspot.com/2012/11/is-law-enforcement-going-dark-dilberts.html?m=1
TFA incorrectly called this a zero day. It has to be known to be actively exploited in the wild first.
Is there even any good proof that all this tracking is even more effective for the advertiser's customers, than not tracking?
As a true conspiracy nut, I would not put it past 1. the FBI to have gotten its data from Blue Toad or 2. Blue Toad covering up for the FBI.
Exactly. The FBI doesn't have to have gotten the data directly from Apple or NSA hackers or somesuch. However, you can't discount that the hackers might have been motivated to lie in order to smear the FBI, too.
I don't necessarily disagree with your point. I guess my thought is that who are the advertisers to say for sure what I am and am not choosing?
Oops. Need to check if I'm logged in when I comment. Above comment I'm replying to here was mine.
Advertisers and sites that depend on them don't want to admit that choosing to use a certain browser and allowing itts default settings *is* a choice. They are also free to request the user to turn DNT off before they serve up key features. They apparently *really* don't like the idea of having to explicitly ask, "can I follow you wherever you go after this"?
XP, Win7, and Server Core are affected, but somehow, Vista isn't!
Not to belabor the obvious. This is one reason open source, over time, is more secure that closed source. Which would you rather rely on, software that has source code anybody can look at, or software that only the development company and the military of the world's sole superpower can look at?
Of course, nefarious elements can put subtle security bugs in open source projects, but one hopes over time that the community is able to find and eliminate them.
I am on Verizon, so I am stuck with a single model, the HTC Trophy. I love it, and my only complaint I ever have about it is this: Everywhere I look, apps are written for the more successful iPhone and Android platforms. It seems that except where Microsoft has ponied up some cash for the effort, the more popular apps don't get ported to it.
I have an unlimited 3G plan with Verizon Wireless for my smartphone, and this made me curious. Verizon has a nearly identical throttling policy: http://goo.gl/RIXbF
Actually, you'll have to wait almost 29 years on average to get any bitcoins, since a successful bitcoin block creation mints 50 BTC at a time. If you want to see bitcoins added to your wallet on a regular basis, you'll have to join up with a mining collective, such as DeepBit.