It is the common-sense default for anything important that doesn't legitimately *need* to be accessed from the internet. Amazon doesn't airgap their webservers because their sole purpose is to serve content to the internet.
From all I have read I would think the LHC has a different purpose. One that doesn't require internet access, too.
Oh, cool, they get to remote control the LHC, with webcam and everything?
Don't think so. Experiments involving the LHC probably require quite a bit of preparation and I doubt they can be pulled off without hands-on assistance by the on-site technicians ("Plug it in, Bob!").
Thus my conclusion would be that someone simply didn't do his homework with regard to network security here. There is no excuse for connecting the controlling terminal of a billion dollar device to the internet. If that really was the case then someone should be fired and banned from his profession for life. TFA lacks details in terms of "what could have happened" but I think it's not too far fetched to assume that at least some very expensive gear could have been damaged (or decalibrated) by futzing a few knobs to eleven.
And no, there is no sane reason why any remote site needs any kind of access to the LHC controls. It's not that hard to setup a true one-way datapath for exporting results to universities and such. If some experiments require near realtime adjustments to the LHC settings then that could (and should) be wrapped up in a very limited, temporary interface.
Amen to everyone who bashes alsa here, I agree wholeheartly. I think it's high time for a rewrite, maybe they get it right the third time...
It's really amazing how thoroughly they managed to screw up something so relatively simple (when compared to other areas of the kernel).
Every time my box decides to re-shuffle the order of my soundcards (re-promoting the onboard sound to default), or decides to remain silent for the rest of the session after I plugged/unplugged my USB headset, or requires me to play trial&error with barely documented and obscure config files (asoundrc/openalrc) to *maybe* get sound in a game working it reminds me of why 2008 is probably still not the year of linux on the desktop...
To be fair, yes ALSA "works" most of the time and even out of the box. The distro-hackers managed to beat the hardware-detection into submission so that pretty much any liveCD will give you sound (at least on one of your cards...) right away. Just never try to get fancy, like going beyond adjusting the Master-volume. You're in for a world of pain.
I wonder why you guy make such a big deal of this. Establishing a balance in an online eco-system works just the same as it works everywhere else (read: in mother nature): If you don't want $angry_mob to destroy your $pretty_forest then give your players an incentive to protect $pretty_forest. The most feasible incentive would be useful items/ressources spawning in $pretty_forest at regular intervals.
My thoughts *exactly*. That whole DST idea was broken from the very beginning and I wonder what could actually break if we just got rid of it right now? I guess there would be some confusion in the first few years because millions of clocks and watches would still auto-adjust (and have to be fixed or replaced anyhow) but that's not so different to what we have today, twice every year.
Is there anything serious relying on DST that would break if DST suddenly went away?
Either way I think it's a safe bet that the savings in energy and money due to DST sum up to a negative value. So why can't the people in charge get their act together and abolish it...
Wait for what? Your favorite torrent site has had that patch since before spore was officially released. And it didn't go away either, you can download it right now.
Fail. A new system is supposed to be easier-better-faster. Duplicating the old interface usually isn't the way to get that.
Sometimes you have to maintain (parts) of the old system because an overnight transition (training etc.) is unrealistic. This may be the case here.
And 'regular operators' are supposed to do this inbetween processing actual flights? Riiiight.
Well, I'm assuming that there are spare operators on stand-by all the time, no? Ofcourse no real operator is supposed to test the system in between processing real flights. Instead a separate operator drives the new system (pretending it would be real) while the real operator uses the old system.
The other "excuse" would be that this guy offers zero proof that they has ever been any data on the drive whatsoever. He could be handing you a drive that never contained any data and then point fingers at you, calling you "fake recovery company".
Seriously, how is this news? Nobody will ever take this serious.
I can just picture it: The FBI kicks down your door at 3:40am, male voices scream "F-B-I", guns clicking, laser-sight dots hushing over the walls, someone jumps through your bedroom window, kicks you out of bed knocks you onto the floor, jams his knee into your neck... Then a nutty professor with fat glasses in a white coat runs onto the scene and screams "FREEZE!!!" as he sprays ice onto your RAM modules...
C'mon kids, won't happen. You've been to the movies too much. In the real world they just send you a letter. And you pay and/or get to clean some public spaces. And mommy will lock away the computer. That's it.
Well, I'd sum up your anecdote up as a single, well-formed condition in such a system: DELAY. Ofcourse approaching an optimized schedule and maintaining safe-route-prediction based on a constantly changing working-set does imply an array of a hard, greedy problems (travelling salesman, knapsack, you name it) but in the end it boils down to raw number-crunching power.
I mean, the current system (from the 70s?) can do it. I see no reason why an equal, or rather, a better system could not be created. There's really no magic to it, it's just mathematics.
I still don't understand what's the big deal here. There is an existing system which is apparently well understood, both in terms of operational details as well as problems they wish to solve.
How hard can it be to design a new system according to these specs, test it alongside with the old system (with real data!) and then roll it out?
If training is an issue then fine, provide an interface that's identical or very similar to the old one. If you're worried about bugs then fine, test it until you feel comfortable. E.g. by processing all (or a large portion) of incoming data twice, once by the regular operators and once by operators using the new system - then compare the results.
Ofcourse this costs money but money shouldn't be the primary concern when it comes to aircraft security, no?
Furthermore I wonder about the perceived complexity of this thing. To me it sounds like a fairly mundane concurrent dispatcher-process that could, maybe, even be implemented on commodity hardware (with large redundancy, obviously). There's not so much actual data-volume to process by today's hardware standards, I mean how many planes will have to be tracked simultanously at any given time? The hard numbercrunching work is probably about collision-prediction and optimizing schedules - both tasks that should be very parallelizable.
So, what are they crying about again? Too expensive?
I watched the video only because I wanted to see bill wiggle is butt. And boy, was I disappointed! I mean seriously, if you shell out a billion-or-so dollars for a national TV-ad, can't you at least afford a friggin butt-wiggle-stuntman?
I mean, seriously... WHAT WAS THAT? This doesn't even look like an intentional move at all. At best this looks as if he stopped for half a second to fart or because of an itch in his crack.
Bill, look here for a fellow billionaire wiggling it for real. I'm sure he can teach you if you ask him nicely.
I'm not saying that there shouldn't be legal repercussion for companies or institutions "losing" personal data like that. I'm just saying that in the real world it's often hard to determine who actually "lost" your data or who uploaded it to an internet server. And once it's out there it's public forever, we all know that.
A photo, no matter how embarassing, is a snapshot of reality. You either prevent it from being taken in first place - or you have to live with the risk of it becoming public one day. There is *nothing* we can do about that, in the internet-age it's a simple fact of life.
Just keep the blame where it belongs, on the party that rightfully had access to your data (the bank, the doctor) but lost it. Don't blame the infrastructure, i.e. services that index existing data or make it more accessible.
Or, back on topic: Blame the person who annotated your face with your name. Not the service that enables face annotation.
There is no such thing as privacy on the internet. Information wants to be free, remember?
As usual you're free to hide under a rock and not put any "private" information of yourself, such as a portrait photograph, on the internet. But chances are that one day a photo showing your face (maybe simply because you walked through the pic when someone *else* was taking one) will end up somewhere. And chances are that one day (maybe in a decade) a photo-crawler will pick it up and somehow manage to annotate it with your name, URL or whatever other bits of information about you may be available "somewhere".
It's called evolution. Information density is only increasing and one day we *will* have the semantic web with amazing ways to relate all kinds of information that we cannot even imagine today.
Data protection laws are for stuff that matters, like your financial or medical record. Not for the relation between your name and face that you probably hand out freely multiple times a day anyways by saying "Hello, I am..." to someone.
Yea, right. zengarden is a fairly trivial layout to start with (2 columns) and many of their examples don't even get that one right. Try increasing your font-size. Try making your browser window really small. Get the idea?
Nobody who has used CSS professionally (which you obviously haven't) would call it "elegant". Yes, some of the ideas and concepts are elegant but that's dwarfed by the development process, a series of trial & error, and the end-result, an amalgam of conditionals, hacks and kludges.
Slashdot Mirror
It is the common-sense default for anything important that doesn't legitimately *need* to be accessed from the internet.
Amazon doesn't airgap their webservers because their sole purpose is to serve content to the internet.
From all I have read I would think the LHC has a different purpose. One that doesn't require internet access, too.
Oh, cool, they get to remote control the LHC, with webcam and everything?
Don't think so. Experiments involving the LHC probably require quite a bit of preparation and I doubt they can be pulled off without hands-on assistance by the on-site technicians ("Plug it in, Bob!").
Thus my conclusion would be that someone simply didn't do his homework with regard to network security here.
There is no excuse for connecting the controlling terminal of a billion dollar device to the internet. If that really was the case then someone should be fired and banned from his profession for life. TFA lacks details in terms of "what could have happened" but I think it's not too far fetched to assume that at least some very expensive gear could have been damaged (or decalibrated) by futzing a few knobs to eleven.
And no, there is no sane reason why any remote site needs any kind of access to the LHC controls. It's not that hard to setup a true one-way datapath for exporting results to universities and such. If some experiments require near realtime adjustments to the LHC settings then that could (and should) be wrapped up in a very limited, temporary interface.
Amen to everyone who bashes alsa here, I agree wholeheartly.
I think it's high time for a rewrite, maybe they get it right the third time...
It's really amazing how thoroughly they managed to screw up something so relatively simple (when compared to other areas of the kernel).
Every time my box decides to re-shuffle the order of my soundcards (re-promoting the onboard sound to default), or decides to remain silent for the rest of the session after I plugged/unplugged my USB headset, or requires me to play trial&error with barely documented and obscure config files (asoundrc/openalrc) to *maybe* get sound in a game working it reminds me of why 2008 is probably still not the year of linux on the desktop...
To be fair, yes ALSA "works" most of the time and even out of the box. The distro-hackers managed to beat the hardware-detection into submission so that pretty much any liveCD will give you sound (at least on one of your cards...) right away. Just never try to get fancy, like going beyond adjusting the Master-volume. You're in for a world of pain.
I wonder why you guy make such a big deal of this.
Establishing a balance in an online eco-system works just the same as it works everywhere else (read: in mother nature): If you don't want $angry_mob to destroy your $pretty_forest then give your players an incentive to protect $pretty_forest. The most feasible incentive would be useful items/ressources spawning in $pretty_forest at regular intervals.
I want to be your friend, how do I start?
Well, it's not as unlikely as you may think. It hap
My thoughts *exactly*. That whole DST idea was broken from the very beginning and I wonder what could actually break if we just got rid of it right now?
I guess there would be some confusion in the first few years because millions of clocks and watches would still auto-adjust (and have to be fixed or replaced anyhow) but that's not so different to what we have today, twice every year.
Is there anything serious relying on DST that would break if DST suddenly went away?
Either way I think it's a safe bet that the savings in energy and money due to DST sum up to a negative value.
So why can't the people in charge get their act together and abolish it...
Wait for what?
Your favorite torrent site has had that patch since before spore was officially released. And it didn't go away either, you can download it right now.
Sometimes you have to maintain (parts) of the old system because an overnight transition (training etc.) is unrealistic. This may be the case here.
Well, I'm assuming that there are spare operators on stand-by all the time, no? Ofcourse no real operator is supposed to test the system in between processing real flights. Instead a separate operator drives the new system (pretending it would be real) while the real operator uses the old system.
The other "excuse" would be that this guy offers zero proof that they has ever been any data on the drive whatsoever. He could be handing you a drive that never contained any data and then point fingers at you, calling you "fake recovery company".
Seriously, how is this news? Nobody will ever take this serious.
I can just picture it: The FBI kicks down your door at 3:40am, male voices scream "F-B-I", guns clicking, laser-sight dots hushing over the walls, someone jumps through your bedroom window, kicks you out of bed knocks you onto the floor, jams his knee into your neck... Then a nutty professor with fat glasses in a white coat runs onto the scene and screams "FREEZE!!!" as he sprays ice onto your RAM modules...
C'mon kids, won't happen. You've been to the movies too much. In the real world they just send you a letter. And you pay and/or get to clean some public spaces. And mommy will lock away the computer. That's it.
Well, I'd sum up your anecdote up as a single, well-formed condition in such a system: DELAY.
Ofcourse approaching an optimized schedule and maintaining safe-route-prediction based on a constantly changing working-set does imply an array of a hard, greedy problems (travelling salesman, knapsack, you name it) but in the end it boils down to raw number-crunching power.
I mean, the current system (from the 70s?) can do it. I see no reason why an equal, or rather, a better system could not be created.
There's really no magic to it, it's just mathematics.
I still don't understand what's the big deal here.
There is an existing system which is apparently well understood, both in terms of operational details as well as problems they wish to solve.
How hard can it be to design a new system according to these specs, test it alongside with the old system (with real data!) and then roll it out?
If training is an issue then fine, provide an interface that's identical or very similar to the old one.
If you're worried about bugs then fine, test it until you feel comfortable. E.g. by processing all (or a large portion) of incoming data twice, once by the regular operators and once by operators using the new system - then compare the results.
Ofcourse this costs money but money shouldn't be the primary concern when it comes to aircraft security, no?
Furthermore I wonder about the perceived complexity of this thing. To me it sounds like a fairly mundane concurrent dispatcher-process that could, maybe, even be implemented on commodity hardware (with large redundancy, obviously). There's not so much actual data-volume to process by today's hardware standards, I mean how many planes will have to be tracked simultanously at any given time? The hard numbercrunching work is probably about collision-prediction and optimizing schedules - both tasks that should be very parallelizable.
So, what are they crying about again? Too expensive?
I watched the video only because I wanted to see bill wiggle is butt. And boy, was I disappointed! I mean seriously, if you shell out a billion-or-so dollars for a national TV-ad, can't you at least afford a friggin butt-wiggle-stuntman?
I mean, seriously... WHAT WAS THAT?
This doesn't even look like an intentional move at all. At best this looks as if he stopped for half a second to fart or because of an itch in his crack.
Bill, look here for a fellow billionaire wiggling it for real. I'm sure he can teach you if you ask him nicely.
I'm not saying that there shouldn't be legal repercussion for companies or institutions "losing" personal data like that. I'm just saying that in the real world it's often hard to determine who actually "lost" your data or who uploaded it to an internet server. And once it's out there it's public forever, we all know that.
A photo, no matter how embarassing, is a snapshot of reality. You either prevent it from being taken in first place - or you have to live with the risk of it becoming public one day. There is *nothing* we can do about that, in the internet-age it's a simple fact of life.
Just keep the blame where it belongs, on the party that rightfully had access to your data (the bank, the doctor) but lost it.
Don't blame the infrastructure, i.e. services that index existing data or make it more accessible.
Or, back on topic: Blame the person who annotated your face with your name. Not the service that enables face annotation.
By not putting them on the internet? Or is that too obvious?
There is no such thing as privacy on the internet. Information wants to be free, remember?
As usual you're free to hide under a rock and not put any "private" information of yourself, such as a portrait photograph, on the internet.
But chances are that one day a photo showing your face (maybe simply because you walked through the pic when someone *else* was taking one) will end up somewhere. And chances are that one day (maybe in a decade) a photo-crawler will pick it up and somehow manage to annotate it with your name, URL or whatever other bits of information about you may be available "somewhere".
It's called evolution. Information density is only increasing and one day we *will* have the semantic web with amazing ways to relate all kinds of information that we cannot even imagine today.
Data protection laws are for stuff that matters, like your financial or medical record. Not for the relation between your name and face that you probably hand out freely multiple times a day anyways by saying "Hello, I am..." to someone.
Same would be true for C or assembler?
Thinking about java is better: http://brizzled.clapper.org/id/75
I pity you. I pity you. I pity you.
Maybe you can pull your head outta your ass and get over it?
That's okay. Many refer to it as javascribbel anyways.
And what exactly would then be left of CSS as we know it? The practice of describing the layout in a separate ruleset?
If that's all you admit to be worth keeping of CSS then well, I would indeed call that a fundamental failure.
Yea, right. zengarden is a fairly trivial layout to start with (2 columns) and many of their examples don't even get that one right. Try increasing your font-size. Try making your browser window really small. Get the idea?
Nobody who has used CSS professionally (which you obviously haven't) would call it "elegant". Yes, some of the ideas and concepts are elegant but that's dwarfed by the development process, a series of trial & error, and the end-result, an amalgam of conditionals, hacks and kludges.
There's a teeny, weeny, little gap in your argument. Maybe you figure it out on your own?