Makes me wonder if they've implemented something in the hacked firmware that prevents IOS from changing which IOS image it's booting from, such that one has to have local access to the router to update it through rommon.
From TFA: "Routers don't typically get the same level of security attention as employee workstations or application servers that companies actually expect to be attacked. They're not protected by firewalls and don't have antimalware products running on them."
Huh?
Last time I checked the whole point of the router was that it's a limited-purpose device and it's management access was highly restricted, both in terms of credentials to access the management interface and of the networks that the management interface will communicate with.
I feel I should point out that 16Mbps was a Token Ring speed from the late eighties. That's right, HD video could be transmitted with less bandwidth than was available on LANs 25 years ago, and 4K could almost make it if it weren't for the protocol overhead.
People have unrealistic expectations for what they need. It leads to organizations buying enough bandwidth that every user could have 100Mbit to the public Internet if their WAN backbone could support all of that, it's simply not necessary.
I don't think that they're criminally negligent because they're not themselves law-enforcement, so they can't really actually take an active role in stopping those that they see engaging in criminal acts. If the criminals they're interacting with are in foreign countries where reporting those individuals to that country's police forces won't do any good, then this is at least keeping tabs on things.
Now, it could be that some of those foreign countries for whom they're infiltrating the criminal hacker groups of might not take kindly to their doing this, so those that masquerade as criminals themselves might find that the foreign country in question wants them for prosecution as a result, but I would be surprised if they'd face very much domestic prosecution. Hacking-back is illegal, but it doesn't sound like they're actually hacking.
If the road is completely blocked then the not-pull-over solution is to stop. The car would then alert the occupants that the car cannot continue on this path. Depending on the circumstances the occupants might need to tell the car to turn around, if it is safe to do so, once the immediate danger of being in a collision is addressed.
This is true. The ramifications of something happening in a plane are worse but usually once a plane is airborne there's more time to deal with the emergency. A human occupant to a self-driving car might not even realize there's a problem before there's a collision if the car pulls an Eddie-the-shipboard-computer and gives the occupant control when they're not expecting it.
"...had disappeared from its digital vaults." the very terminology is misleading. It's just data on disk arrays, and if there's encryption it's decryptable by the owner of the disk array.
The term vault shouldn't be used anyway, unless the "vault" computer is literally air-gapped. We have a vault for storing data for legal purposes, it's a literal interal concrete structure within the building with a reinforced steel door, and only a few people have keys that open it. The only wiring going in there is for lights and fire alarm/smoke detectors. No outlets, no data, no phone. It's not a bank vault, but it would require a degree of commitment to get in there.
I do think that over-the-road and other long-distance highway or freeway applications will come first, but even then, the cars will need to be able to handle rain and snow and other mild weather without requiring driver intervention.
Why not, that is the design philosophy for airliners made in the past 30 years and their pilots who operate them. Sit and babysit the machine for 99.99% of the time; then jump in ready to go for the 0.01% of the time the situation is beyond the programming of the software. (In which case the software 1) does wrong thing. 2) just shuts-down while displaying a message to the pilots to let them know that, suddenly, THEY are flying the plane.)
A couple of reasons. First, the barrier to flying a plane, both for a human and for a computer is significantly higher. Specialized training far and beyond that to drive a car is necessary to fly a plane and not simply becuase the machine is more complicated, but because the conditions that the machine could encounter are much more varied and the way the operator reacts is much more important. Second, the number of people that could fall victim to an error is greater and the amount of harm that could be caused is also greater, both to to the passengers and to others in the environment. Even a damaged car has the option, most of the time, to just stop, or to just pull over to the side of the road and stop. A plane cannot safely cease to move without having already satisfied several important criteria, which are even harder to meet if something should damage the plane.
Self-driving cars only make sense if they can be completely self-driving unless the occupant chooses to override and become a driver, at least under the right conditions. If a self-driving car is meant for city use it needs to be able to handle basically all of the conditions that it will encounter in a city. If a self-driving car is intended only for highway or limited-access freeway use, then it at least needs to be able to handle all of the conditions that can be expected in that use, and to 'fail gracefully' when the inevitable unexpected (like those protesters that blocked an Interstate) happens, even if it can't self-drive in a city or suburban environment.
The extreme abuse done to a Ford Raptor is a bit of an outlier, and is a lot more akin to sideswiping a tree or high-centering on boulders. Sure, the truck can handle some high-speed offroading better than many other 4x4s, but there is a limit to how much dynamic load the manufacturer should be required to withstand.
That kind of treatment isn't the same as someone out on the rocky trail or in the dry riverbed that has slowed down to match the terrain they're crossing.
When you're a monopoly or near-monopoly, as just about all American-distributing labels are a part of the RIAA, it doesn't matter how much you alienate people. Arguably being an umbrella-membership group there's even a bigger disconnect, since people won't necessarily associate a given band with even their label, let alone that label to the RIAA.
Back in the day a record label wasn't much of an entity. It was usually a local studio with the ability to master onto a viny record, and a record label would publish its literal catalog so that stores could order the records they wanted to try to sell. Contracts between musicians and the label were simple, though admittedly racism was quite ugly for non-white performers in those early days.
I don't know if any singular event can be cited as when the relationship between labels and musicians went crazy, but between ever-increasing production costs through more and more editing and other sound processing work, speculative arrangements where labels became distributors that would essentially consign records to retailers proactively, and other costs that essentially outpaced the ability of the performers to pay upfront for their studio and production costs it's gotten out of hand.
I can certainly see the allure of attempting to use album sales as a driver of income; once the album is cut they don't have to continue to play the same material every single night just to pay the bills and they can both focus on new material and can perform less, but for whatever reason the whole thing is grossly out of whack now.
If you lift it then it's no longer in the manufacturer's configuration, unless again, one follows the manufacturer's OEM-aftermarket program, which *might* still have a degree of warranty available.
But you're certainly correct, very few new trucks and SUVs are out on the trails, and very few new vehicles are heavily modified. I'm mulling getting a 2000 or so Cherokee and putting a bit of work into it; I've seen very nice 4x4 examples with low miles and not for as expensive as one might dread. Throw a mild suspension lift, some ARB pneumatic differential lockers some under-body skid protection, some good tires, and have a pretty decent off-road rig without having to lift it to kingdom come. Too many other projects before I could do that though.
willworkforbeer: Ads for trucks often show warranty-voiding off road activities. It's not CGI, the trucks will DO the stuff in the ad, but you're probably SOT (Spot Outta Truck) when you break it that way.
Nothing to see here.
And what, exactly, are they showing trucks doing that voids their warranties?
If I break a tie-rod end off-road they'll replace it. If I snap a ball joint they'll replace it and will probably fix the bent wheel opening molding and fender that resulted. If the steering gearbox or rack-and-pinion fail they'll replace those unless they failed as a direct result of striking a rock with the housing itself.
Same goes for axle shafts, axle housings, springs, even driveshafts, depending on the cause. Most truck and true-SUV manufacturers also have either options for underbody skid protection or OEM-aftermarket skid plates specifically for these applications.
Obviously if I sideswipe a tree they're not going to repair and repaint the side of the truck or replace the glass, that's a given. If the truck is sold as a serious off-road vehicle then there's an expectation that it'll do the job that it's marketed for and that the manufacturer will, to at least an extent, stand behind it.
The only solution would be for those that run these programs to have very specific term limits, and for them to have to retire from all forms of work that could impact Governments of the United States of America, including working for private companies that do business with the government.
Realistically, the only way that would happen would be for them to go into exile. Since we don't do that, there really is no solution.
At least you get the people to show up in the office, distractions be damned making people excited to come in the morning without a never ending case of the Mondays seems like progress:)
...until those deadlines are fast-approaching and playing grabass with the hired flirts has left the worker with 240 hours of work to do over the next two weeks to get the project done...
What I want in a workplace is one that provides a concise framework for what they want, gives me the latitude to use my discretion to meet the need, and where the supervisor is supportive and actually tries to get the resources that I ask for. I also want the supervisor to help steer me back in the direction that I need to go in if I get off-track for too long, so that I remain productive, and to run interference with upper management so that I can work instead of having to answer questions all of the time.
If the alternative is the company buying cables without tab protectors on them, these are actually quite nice cables. We have a ton of 'em (probably quite literally) and so long as hardware designers aren't idiots they work fine. This is an idiot trying to blame the cable when the button is in the wrong spot.
I've got several thousand of those kinds of cables in my closets. They're not so bad if you don't have a reset button located adjacent to the tab protector. They actually slip out of the bundle fairly easily compared to most others.
If there's a TFTP server properly configured... If there's bootp on the LAN properly configured... If there's a switch configuration saved to that TFTP server and If it's named correctly such that there's a mechanism for associating it with a given request, some Cisco equipment can autoconfigure by pulling the config down off of TFTP without administrator intervention. I've seen some C2960S and C3560G do this; had to clear-out, IOS update, and put config templates on about 160 switches over a few days, watching it complain about not being able to find a TFTP server is just a little burned into my brain.
No one that I've spoken with has ever used this feature in production, and honestly it would take so much advance-setup to make it work that no boss would choose that path out of laziness instead of getting out a console cable, but technically if the switch were reset with the mode button it might make the attempt.
Again, if I'm remembering correctly.
I wish that Cisco would make it harder to press that button. Some older switches were REALLY bad, the button was the whole left end of the panel. If the closet is racked incorrectly the component above or below the switch could press the button and hold it down. I've seen it happen a few times.
Slashdot Mirror
So, how's the MG running these days?
Makes me wonder if they've implemented something in the hacked firmware that prevents IOS from changing which IOS image it's booting from, such that one has to have local access to the router to update it through rommon.
From TFA: "Routers don't typically get the same level of security attention as employee workstations or application servers that companies actually expect to be attacked. They're not protected by firewalls and don't have antimalware products running on them."
Huh?
Last time I checked the whole point of the router was that it's a limited-purpose device and it's management access was highly restricted, both in terms of credentials to access the management interface and of the networks that the management interface will communicate with.
I feel I should point out that 16Mbps was a Token Ring speed from the late eighties. That's right, HD video could be transmitted with less bandwidth than was available on LANs 25 years ago, and 4K could almost make it if it weren't for the protocol overhead.
People have unrealistic expectations for what they need. It leads to organizations buying enough bandwidth that every user could have 100Mbit to the public Internet if their WAN backbone could support all of that, it's simply not necessary.
I don't think that they're criminally negligent because they're not themselves law-enforcement, so they can't really actually take an active role in stopping those that they see engaging in criminal acts. If the criminals they're interacting with are in foreign countries where reporting those individuals to that country's police forces won't do any good, then this is at least keeping tabs on things.
Now, it could be that some of those foreign countries for whom they're infiltrating the criminal hacker groups of might not take kindly to their doing this, so those that masquerade as criminals themselves might find that the foreign country in question wants them for prosecution as a result, but I would be surprised if they'd face very much domestic prosecution. Hacking-back is illegal, but it doesn't sound like they're actually hacking.
If the road is completely blocked then the not-pull-over solution is to stop. The car would then alert the occupants that the car cannot continue on this path. Depending on the circumstances the occupants might need to tell the car to turn around, if it is safe to do so, once the immediate danger of being in a collision is addressed.
This is true. The ramifications of something happening in a plane are worse but usually once a plane is airborne there's more time to deal with the emergency. A human occupant to a self-driving car might not even realize there's a problem before there's a collision if the car pulls an Eddie-the-shipboard-computer and gives the occupant control when they're not expecting it.
"...had disappeared from its digital vaults." the very terminology is misleading. It's just data on disk arrays, and if there's encryption it's decryptable by the owner of the disk array.
The term vault shouldn't be used anyway, unless the "vault" computer is literally air-gapped. We have a vault for storing data for legal purposes, it's a literal interal concrete structure within the building with a reinforced steel door, and only a few people have keys that open it. The only wiring going in there is for lights and fire alarm/smoke detectors. No outlets, no data, no phone. It's not a bank vault, but it would require a degree of commitment to get in there.
I do think that over-the-road and other long-distance highway or freeway applications will come first, but even then, the cars will need to be able to handle rain and snow and other mild weather without requiring driver intervention.
Why not, that is the design philosophy for airliners made in the past 30 years and their pilots who operate them. Sit and babysit the machine for 99.99% of the time; then jump in ready to go for the 0.01% of the time the situation is beyond the programming of the software. (In which case the software 1) does wrong thing. 2) just shuts-down while displaying a message to the pilots to let them know that, suddenly, THEY are flying the plane.)
A couple of reasons. First, the barrier to flying a plane, both for a human and for a computer is significantly higher. Specialized training far and beyond that to drive a car is necessary to fly a plane and not simply becuase the machine is more complicated, but because the conditions that the machine could encounter are much more varied and the way the operator reacts is much more important. Second, the number of people that could fall victim to an error is greater and the amount of harm that could be caused is also greater, both to to the passengers and to others in the environment. Even a damaged car has the option, most of the time, to just stop, or to just pull over to the side of the road and stop. A plane cannot safely cease to move without having already satisfied several important criteria, which are even harder to meet if something should damage the plane.
Self-driving cars only make sense if they can be completely self-driving unless the occupant chooses to override and become a driver, at least under the right conditions. If a self-driving car is meant for city use it needs to be able to handle basically all of the conditions that it will encounter in a city. If a self-driving car is intended only for highway or limited-access freeway use, then it at least needs to be able to handle all of the conditions that can be expected in that use, and to 'fail gracefully' when the inevitable unexpected (like those protesters that blocked an Interstate) happens, even if it can't self-drive in a city or suburban environment.
The extreme abuse done to a Ford Raptor is a bit of an outlier, and is a lot more akin to sideswiping a tree or high-centering on boulders. Sure, the truck can handle some high-speed offroading better than many other 4x4s, but there is a limit to how much dynamic load the manufacturer should be required to withstand.
That kind of treatment isn't the same as someone out on the rocky trail or in the dry riverbed that has slowed down to match the terrain they're crossing.
When you're a monopoly or near-monopoly, as just about all American-distributing labels are a part of the RIAA, it doesn't matter how much you alienate people. Arguably being an umbrella-membership group there's even a bigger disconnect, since people won't necessarily associate a given band with even their label, let alone that label to the RIAA.
Besides, the average person doesn't care.
Back in the day a record label wasn't much of an entity. It was usually a local studio with the ability to master onto a viny record, and a record label would publish its literal catalog so that stores could order the records they wanted to try to sell. Contracts between musicians and the label were simple, though admittedly racism was quite ugly for non-white performers in those early days.
I don't know if any singular event can be cited as when the relationship between labels and musicians went crazy, but between ever-increasing production costs through more and more editing and other sound processing work, speculative arrangements where labels became distributors that would essentially consign records to retailers proactively, and other costs that essentially outpaced the ability of the performers to pay upfront for their studio and production costs it's gotten out of hand.
I can certainly see the allure of attempting to use album sales as a driver of income; once the album is cut they don't have to continue to play the same material every single night just to pay the bills and they can both focus on new material and can perform less, but for whatever reason the whole thing is grossly out of whack now.
If you lift it then it's no longer in the manufacturer's configuration, unless again, one follows the manufacturer's OEM-aftermarket program, which *might* still have a degree of warranty available.
But you're certainly correct, very few new trucks and SUVs are out on the trails, and very few new vehicles are heavily modified. I'm mulling getting a 2000 or so Cherokee and putting a bit of work into it; I've seen very nice 4x4 examples with low miles and not for as expensive as one might dread. Throw a mild suspension lift, some ARB pneumatic differential lockers some under-body skid protection, some good tires, and have a pretty decent off-road rig without having to lift it to kingdom come. Too many other projects before I could do that though.
Sounds like they want a solution without having to pay for it.
willworkforbeer: Ads for trucks often show warranty-voiding off road activities. It's not CGI, the trucks will DO the stuff in the ad, but you're probably SOT (Spot Outta Truck) when you break it that way.
Nothing to see here.
And what, exactly, are they showing trucks doing that voids their warranties?
If I break a tie-rod end off-road they'll replace it. If I snap a ball joint they'll replace it and will probably fix the bent wheel opening molding and fender that resulted. If the steering gearbox or rack-and-pinion fail they'll replace those unless they failed as a direct result of striking a rock with the housing itself.
Same goes for axle shafts, axle housings, springs, even driveshafts, depending on the cause. Most truck and true-SUV manufacturers also have either options for underbody skid protection or OEM-aftermarket skid plates specifically for these applications.
Obviously if I sideswipe a tree they're not going to repair and repaint the side of the truck or replace the glass, that's a given. If the truck is sold as a serious off-road vehicle then there's an expectation that it'll do the job that it's marketed for and that the manufacturer will, to at least an extent, stand behind it.
The only solution would be for those that run these programs to have very specific term limits, and for them to have to retire from all forms of work that could impact Governments of the United States of America, including working for private companies that do business with the government.
Realistically, the only way that would happen would be for them to go into exile. Since we don't do that, there really is no solution.
I was very amused how when the guy role-playing the sorceress would forget he was playing a girl, he would be represented in her costume.
And who can forget, "HIDE BEHIND THE PILE OF DEAD BARDS!"
At least you get the people to show up in the office, distractions be damned making people excited to come in the morning without a never ending case of the Mondays seems like progress :)
...until those deadlines are fast-approaching and playing grabass with the hired flirts has left the worker with 240 hours of work to do over the next two weeks to get the project done...
What I want in a workplace is one that provides a concise framework for what they want, gives me the latitude to use my discretion to meet the need, and where the supervisor is supportive and actually tries to get the resources that I ask for. I also want the supervisor to help steer me back in the direction that I need to go in if I get off-track for too long, so that I remain productive, and to run interference with upper management so that I can work instead of having to answer questions all of the time.
Probably Cisco type 4...
Was it 12345? If so, sounds like the combination an idiot would use on his luggage...
If the alternative is the company buying cables without tab protectors on them, these are actually quite nice cables. We have a ton of 'em (probably quite literally) and so long as hardware designers aren't idiots they work fine. This is an idiot trying to blame the cable when the button is in the wrong spot.
I've got several thousand of those kinds of cables in my closets. They're not so bad if you don't have a reset button located adjacent to the tab protector. They actually slip out of the bundle fairly easily compared to most others.
If I'm remembering correctly...
If there's a TFTP server properly configured... If there's bootp on the LAN properly configured... If there's a switch configuration saved to that TFTP server and If it's named correctly such that there's a mechanism for associating it with a given request, some Cisco equipment can autoconfigure by pulling the config down off of TFTP without administrator intervention. I've seen some C2960S and C3560G do this; had to clear-out, IOS update, and put config templates on about 160 switches over a few days, watching it complain about not being able to find a TFTP server is just a little burned into my brain.
No one that I've spoken with has ever used this feature in production, and honestly it would take so much advance-setup to make it work that no boss would choose that path out of laziness instead of getting out a console cable, but technically if the switch were reset with the mode button it might make the attempt.
Again, if I'm remembering correctly.
I wish that Cisco would make it harder to press that button. Some older switches were REALLY bad, the button was the whole left end of the panel. If the closet is racked incorrectly the component above or below the switch could press the button and hold it down. I've seen it happen a few times.
When does celebration end and circle-jerk begin?