That's what the whole "can't predict" thing is. It's likely they handle those situations, and that they'll be better than current average; it's not predictable by what degree, and the degree can be negative.
No, it doesn't work that way. These are to be sold as actual product, and you can't equate this to R&D through funny logic. If your logic were valid, then pretty much every car on the road would be a beta test, because we get new model-years every year which are distinct from last year's car.
They've been allowing them to drive these around for quite a while to test and develop the technology. Now they're going to certify the new tech as products to be sold to the consumer market, ready to go.
What if you're twice as likely to be injured or killed in a crash equally as severe, but crashes of a given severity are 1/3 as likely?
That's like 67% as much injury and death--a safety win.
We can't predict how frequently these will crash in practice with a great degree of accuracy, or how safe they will be. It's likely they won't ditch all safety systems, but rather will come "close enough" which is not close enough. The combination effect is likely to be better, because a failure to demonstrate will lead to stupid shit like Congressional investigations.
No, this isn't testing; this is for deployment. They're allowing a fleet of up to 100,000.
Think about the economics. If we deploy 100,000 driverless freight and taxi vehicles in America this year, that's up to 100,000 of the 3.8 million career drivers unemployed. It could be less: rather than adding 50,000 to the fleet, we could remove 50,000 jobs with a total 100,000 driverless add. It'll be mostly taxis in the beginning, because passenger cars will come before freight haulers.
That's only 2.6% career driver unemployment, and.063% total unemployment added to the United States. The economy can remediate changes like this in surprisingly-short order (months or years, not decades), so it's not a big deal (except, of course, to the guy who loses his job--that's why we need strong social safety nets like a universal social security: that guy might get a job in 6 months's time, but what happens to his standard-of-living in that six months, and how many years will it take for him to recover???).
You can also imagine it takes 2-3 years for the technology to mature, in which case the economic impact is even less.
Now, imagine if we create a clusterfuck of competing state regulations blocking the efficient and profitable deployment of self-driving commercial vehicles.
Ten years later, the technology is totally-mature. Taxi companies have sort of taken it up, but they don't like that the vehicles lose value so quickly: taxis are routinely auctioned off after a few years. I own one from California, and I'm in Maryland! The risk of loss of value because a consumer might not want to buy a California or Idaho or Maryland car instead of one legal across the U.S. is a big impedance to adoption.
Then: everyone gets their shit together.
Suddenly, the 235,000 taxi drivers are in competition with self-driving cars. Taxi fleets are dumping drivers left and right; new taxi start-ups are charging 1/3 of what traditional taxis charge; and nobody wants to hail a cab with a human being in it for $40 when it costs $12 to go in a driverless ZipCar. In six months, you have 180,000 unemployed; in a year, taxi drivers are a thing of the past.
Fleet freighters roll in right behind them, and suddenly the 3.8 million freight trucks start going, too. Peterbilt, Volvo, and Isuzu have been ready for this, and their platforms are built to accommodate the hardware for their driverless versions. Driverless trucks roll out by the millions. Freight represents about 50% of the retail price tag of many goods in the United States; suddenly, it only represents 30%, if you get a driverless freight line to do your haul. Nobody wants to hire freight drivers.
American unemployment spikes by 2.1%. It's an ultimate cost of 2.4%, but the economy's agile enough to start recovering already--a little. That spike is going to take 6 years to come down, and the pressure of recession is going to weigh on Americans yet again at 7% unemployment--a more-severe recession than the dot-com bust.
Do you want to risk the economic fall-out of a mature technology creating a miniature industrial revolution from whole cloth?
Yeah we have a physical description of the pill printed on the bottle for that reason. Red pill that says TYLENOL 325? Bottle says this is a white-and-blue capsule with Lily-25 printed on it...
The article doesn't seem to suggest that the pharmacies don't do inventory management. Americans apparently consume $1,000 worth of pharmaceutical drugs per person per year. Given the $800 million number that ProPublica extrapolates from one anecdote and another "similar case" on MayoClinic, that's 0.25% (1/400).
Best Buy struggles to stay under 8% wasted product sometimes.
So this is bugging me because it seems reasonable but also is ProPublica. ProPublica has about zero journalistic ethic, but this article does seem to raise a reasonable concern.
... I have a question.
From what I can tell, there are two scenarios where expiration matters: big-bottle OTC drugs (I have 365 Loratadine in a single bottle, $10) and prescription pharmaceuticals.
Big-bottle OTC drugs are relatively-cheap. The liquid stuff does deteriorate rapidly, and often has instructions to not use after some short date after opening (e.g. straight Dextromethorphan 60mg/5mL is 1-year, but 3-months after opening). Tablets outlast liquid gels. Big bottles are cheaper per-dose than small bottles; most people buy big bottle brand names if they use the drug with any perceived frequency.
Pharmacy drugs, on the other hand, are stocked by the pharmacy based on consumption. Frequently, I have to wait for drugs; with my last refill, my pharmacist practically went to war on the phone with my insurer (she lost) because they wouldn't cover my refill unless I bought more drugs than they had in the pharmacy, and the pharmacy was unable to stock that much of the drug at once. She eventually gave me all the drugs in the store, plus reserved some from the next shipment, and charged me all at once up-front.
That tells me that cheap stuff expires at home, and pharmacy drugs... are managed with high-tech logistics so that pharmacies, distributors, and suppliers can minimize losses. Businesses don't eat costs; they change their practices PDQ to avoid costs.
... Are we really looking at a crisis here?
Oh. There it is. They open with a link to how hospitals "trash valuable medications", where they wrote:
Every week in Des Moines, Iowa, the employees of a small nonprofit collect bins of unexpired prescription drugs tossed out by nursing homes after residents died, moved out or no longer needed them. The drugs are given to patients who couldn’t otherwise afford them.
But travel 1,000 miles east to Long Island, New York, and you’ll find nursing homes flushing similar leftover drugs down the toilet, alarming state environmental regulators worried they’ll further contaminate the water supply.
In Baltimore, Maryland, a massive incinerator burns up tons of the drugs each year — for a fee — from nursing homes across the Eastern seaboard.
If you want to know why the nation’s health care costs are among the highest in the world, a good place to start is with what we throw away. Across the country, nursing homes routinely toss large quantities of perfectly good prescription medication: tablets for diabetes, syringes of blood thinners, pricey pills for psychosis and seizures.
So, piling on "we're wasting drugs" in context, but the actual reference (their own!) isn't about expiration dates.
The other thing they linked, in the same sentence, was hospitals discarding unexpired catheters, staplers, and IV bags.
So neither of those suggests that hospitals and pharmacies are destroying expired prescription drugs by the shitload. Next paragraph.
What if the system is destroying drugs that are technically “expired” but could still be safely used?
YES, WHAT IF?
Will ProPublica reveal that, yes, hospitals and pharmacies are discarding shitloads of expired drugs?
In his lab, Gerona ran tests on the decades-old drugs[...]
[...]A dozen of the 14 compounds were still as potent as they were when they were manufactured, some at almost 100 percent of their labeled concentrations.
[...]The news media is rife with stories of medications priced out of reach or of shortages of crucial drugs, sometimes because producing them is no longer profitable.
Nothing yet, except that you should be outraged because cr
I'm pretty sure that this experiment didn't set out to prove the FDA is corrupt and is maliciously slapping arbitrary expiry dates on drugs so you would waste your money.
Have you ever read ProPublica? Of course it did. I'm conflicted over this because this looks like an actual, valid concern; ProPublica is really good at taking facts and using them to construct an inaccurate narrative to get people angry at someone they trust. It's surprising how readily you can line up a bunch of things that are themselves true and create a complete lie, although ProPublica often simply misinterprets, mischaracterizes, and makes overgeneralized statements about the facts.
You shouldn't take unknown quantities of drugs. You could take a full dose but not respond clinically, then take an overdose and have a toxic response. Mixing NSAIDs can cause fatal gastric bleeding, so you could swap to ibuprofen and die. It's unlikely, but it happens.
There are a lot of drugs where it's plenty damned likely that doubling up or switching will kill you or do serious damage.
Aspirin is very stable. The free salicylic acid in a well-manufactured aspirin tablet kept at stable temperature and humidity for six months typically gets no higher than 3%.
... which mean the tablet has 54% of its original aspirin content after 10 years.
After 40 years, it should be about 9% strength; "effectiveness" might not linearly correlate with "strength", in this context. It'd be nice if they used sensible descriptors, although I guess if anywhere from 30mg to 50mg of a drug is exactly as-effective--many drugs do show no increase in patient response above a given dose, but no increase in side-effects (toxicity) until some significantly-higher dose--then losing 40% of its strength from 50mg would render it no less effective.
Kernel bugs generally don't get exploit protection; and CVE scores don't account for exploit mitigation prevention. If your little proxy server is vulnerable to a buffer overflow from a long domain name, then it's RCE. Never mind that RCE is physically-impossible because, once you guess your way past ASLR and perform a return-to-libc to change memory protections, it turns out the OS won't allow memory that's ever been writable to become executable, thus preventing a bit from being set which is plugged into a physical AND gate that controls the write pin for the ITLB and ICache; your program is vulnerable, end of story. Your OS can catch it and stop the exploit, but your program is still broken in that way.
They weren't specifically-aware of these exploits though. That's the point: that these don't work on Windows 10 isn't the storm from which Microsoft tried to save us; it's just another storm nobody predicted, and nobody predicted one this bad. "We told you to switch to Windows 10! You should have listened! Look what happened!" isn't much of a valid argument because Microsoft's decision to push for Windows 10 wasn't based on "what happened", or any prediction thereof.
Attribution to incompetence doesn't fit here, because the outcome is sheer brilliance. It's not that MS was brilliant in driving people onto Windows 10 by every means expedient; it's that they did, and, by some happenings of coincidence, this happened. Attribution goes to blind luck.
As for exploit mitigation, yeah, they've actually been doing a good job of that. In this case, it doesn't help; SMB1 is disabled by default on Windows 10, else it would be vulnerable still.
That takes handwriting samples, not a full transcripted record. There's a difference. It's still an information leak, but it's not a keylogger in that it's not, you know, logging a transcript of everything you type, or selectively logging sensitive information (passwords), or whatnot.
Here's the file sniffer that probably exists, or at least, you give them permission for one at any time:
https://privacy.microsoft.com/... [microsoft.com]
When we started down the road of "Windows 10 Is Spyware", there was a claim that it copied gigabytes and gigabytes of everything up to Microsoft because it copied all of the files on your hard drive to Microsoft's servers. Even Fedora and Ubuntu send memory contents and copies of configuration files up in automated bug reports (you should be freaked out by memory contents, which contain your private ssh keys and such).
When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.
Every entity who takes payments does this. The payment processor does this. It's done repeatedly up the entire chain.
Finally, we will access, transfer, disclose, and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive)
This is stuff in The Cloud, not stuff on your PC. I can use these services from Ubuntu, and I can use Windows without using these services.
when we have a good faith belief that doing so is necessary to:...protect the rights or property of Microsoft, including enforcing the terms governing the use of the services
Informing you that they have their hands on stuff they can rummage through for legal discovery if you're using their cloud services to store thats tuff on your servers, yes. Shocking revalation: Gmail also can dig through your e-mail for evidence if they file suit against you; Yahoo has access to your e-mail.
however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer's private content ourselves, but we may refer the matter to law enforcement.
That's actually an odd voluntary limitation.
None of this stuff is particularly-shocking. Siri, Google, and Alexa have voice samples and typing pattern vectors collected from cell phone and tablet users. Automated bug reporting systems collect files, memory dumps, and so forth. Payment processors run your credit data through all kinds of fraud checks (I used to use people's information to find their home address and the names of the people who lived with them when I was doing fraud checks at a Web host--we didn't like paying $25 for chargebacks, so we essentially investigated people before charging their card). Cloud services have your data and may rummage through it during investigations and legal discovery .
Where is the spyware? Where is the constant, continuous keylogging, the transcripting of everything you do? Where's the secret of every document you ever generate, the e-mails sucked from your Thunderbird desktop client that's linked to your Gmail account via IMAP? Where is it?
For that matter, where's the stuff that separates Windows from iOS, Android, Ubuntu, and Fedora? Where's the differentiation between Microsoft and the likes of Apple, Google, and Yahoo?
The whole concept is ridiculous anyway. You don't need to-the-microsecond updates about traffic 30 miles away; to-the-minute is fine, and we can do way better than that.
Real-time situational awareness from anything other than your own sensors should come from a mesh network with nearby cars.
I'm the guy who speaks up all the time, gets in arguments with my boss, and tells people when they're wrong repeatedly. I get a lot of flack.
Also, senior executives brought up my shiny new motorcycle in a meeting about business continuity.
Apparently I'm considered so critical an asset that learning to ride a motorcycle was a major topic at an executive meeting about risks faced by the business. I seriously need to change my position, train my replacement, and do something more-useful here. They're already forced to listen to me point out the problems that will cripple our business, and they've even started fixing them with large and expensive endeavors--and noticed that these endeavors have paid huge dividends. They may as well let me start fixing it.
So yeah, keep your head down; I'll keep your salary.
While jQuery is kind of crap, you'll have a hard time explaining why.
A lot of things done right are done with more code, not less. Instrumentation and framework, encapsulation, things that make your program maintainable and segment it into logical pieces all have some programmatic overhead. Only an immature programmer would pre-optimize by throwing away the maintainability of the codebase to save a few lines of code.
Security by obscurity is not security. We can now use his published exploit to prime our IDS and IPS. There's no way he could get this to every IDS vendor in the world; he'd have to identify them all, and even I can't do that.
Slashdot Mirror
That's what the whole "can't predict" thing is. It's likely they handle those situations, and that they'll be better than current average; it's not predictable by what degree, and the degree can be negative.
No, it doesn't work that way. These are to be sold as actual product, and you can't equate this to R&D through funny logic. If your logic were valid, then pretty much every car on the road would be a beta test, because we get new model-years every year which are distinct from last year's car.
They've been allowing them to drive these around for quite a while to test and develop the technology. Now they're going to certify the new tech as products to be sold to the consumer market, ready to go.
What if you're twice as likely to be injured or killed in a crash equally as severe, but crashes of a given severity are 1/3 as likely?
That's like 67% as much injury and death--a safety win.
We can't predict how frequently these will crash in practice with a great degree of accuracy, or how safe they will be. It's likely they won't ditch all safety systems, but rather will come "close enough" which is not close enough. The combination effect is likely to be better, because a failure to demonstrate will lead to stupid shit like Congressional investigations.
No, this isn't testing; this is for deployment. They're allowing a fleet of up to 100,000.
Think about the economics. If we deploy 100,000 driverless freight and taxi vehicles in America this year, that's up to 100,000 of the 3.8 million career drivers unemployed. It could be less: rather than adding 50,000 to the fleet, we could remove 50,000 jobs with a total 100,000 driverless add. It'll be mostly taxis in the beginning, because passenger cars will come before freight haulers.
That's only 2.6% career driver unemployment, and .063% total unemployment added to the United States. The economy can remediate changes like this in surprisingly-short order (months or years, not decades), so it's not a big deal (except, of course, to the guy who loses his job--that's why we need strong social safety nets like a universal social security: that guy might get a job in 6 months's time, but what happens to his standard-of-living in that six months, and how many years will it take for him to recover???).
You can also imagine it takes 2-3 years for the technology to mature, in which case the economic impact is even less.
Now, imagine if we create a clusterfuck of competing state regulations blocking the efficient and profitable deployment of self-driving commercial vehicles.
Ten years later, the technology is totally-mature. Taxi companies have sort of taken it up, but they don't like that the vehicles lose value so quickly: taxis are routinely auctioned off after a few years. I own one from California, and I'm in Maryland! The risk of loss of value because a consumer might not want to buy a California or Idaho or Maryland car instead of one legal across the U.S. is a big impedance to adoption.
Then: everyone gets their shit together.
Suddenly, the 235,000 taxi drivers are in competition with self-driving cars. Taxi fleets are dumping drivers left and right; new taxi start-ups are charging 1/3 of what traditional taxis charge; and nobody wants to hail a cab with a human being in it for $40 when it costs $12 to go in a driverless ZipCar. In six months, you have 180,000 unemployed; in a year, taxi drivers are a thing of the past.
Fleet freighters roll in right behind them, and suddenly the 3.8 million freight trucks start going, too. Peterbilt, Volvo, and Isuzu have been ready for this, and their platforms are built to accommodate the hardware for their driverless versions. Driverless trucks roll out by the millions. Freight represents about 50% of the retail price tag of many goods in the United States; suddenly, it only represents 30%, if you get a driverless freight line to do your haul. Nobody wants to hire freight drivers.
American unemployment spikes by 2.1%. It's an ultimate cost of 2.4%, but the economy's agile enough to start recovering already--a little. That spike is going to take 6 years to come down, and the pressure of recession is going to weigh on Americans yet again at 7% unemployment--a more-severe recession than the dot-com bust.
Do you want to risk the economic fall-out of a mature technology creating a miniature industrial revolution from whole cloth?
Nobody wants to risk that.
No I moved out of my parents's house to live alone. Who would want to live with their parents?
I'm going to start my own so I can get a billion dollars out of people before it crashes. It'll be the Tickle-Me-Furby Coin.
What if we start indexing the public information of all these cases and let you precision-search forgotten-web?
No, why would I go outside? I can have pizza delivered!
Who in the hell would pay to watch other people play sports?
I thought registry cleaning software didn't speed up Windows, didn't remove problems, and was more likely to cause problems than do anything useful.
Why can't we just have everyone pay less taxes? Has anyone proposed that yet?
That's why it's so hard to levy an increased income tax, like a responsible nation-state.
Yeah we have a physical description of the pill printed on the bottle for that reason. Red pill that says TYLENOL 325? Bottle says this is a white-and-blue capsule with Lily-25 printed on it...
The article doesn't seem to suggest that the pharmacies don't do inventory management. Americans apparently consume $1,000 worth of pharmaceutical drugs per person per year. Given the $800 million number that ProPublica extrapolates from one anecdote and another "similar case" on MayoClinic, that's 0.25% (1/400).
Best Buy struggles to stay under 8% wasted product sometimes.
So this is bugging me because it seems reasonable but also is ProPublica. ProPublica has about zero journalistic ethic, but this article does seem to raise a reasonable concern.
From what I can tell, there are two scenarios where expiration matters: big-bottle OTC drugs (I have 365 Loratadine in a single bottle, $10) and prescription pharmaceuticals.
Big-bottle OTC drugs are relatively-cheap. The liquid stuff does deteriorate rapidly, and often has instructions to not use after some short date after opening (e.g. straight Dextromethorphan 60mg/5mL is 1-year, but 3-months after opening). Tablets outlast liquid gels. Big bottles are cheaper per-dose than small bottles; most people buy big bottle brand names if they use the drug with any perceived frequency.
Pharmacy drugs, on the other hand, are stocked by the pharmacy based on consumption. Frequently, I have to wait for drugs; with my last refill, my pharmacist practically went to war on the phone with my insurer (she lost) because they wouldn't cover my refill unless I bought more drugs than they had in the pharmacy, and the pharmacy was unable to stock that much of the drug at once. She eventually gave me all the drugs in the store, plus reserved some from the next shipment, and charged me all at once up-front.
That tells me that cheap stuff expires at home, and pharmacy drugs ... are managed with high-tech logistics so that pharmacies, distributors, and suppliers can minimize losses. Businesses don't eat costs; they change their practices PDQ to avoid costs.
Oh. There it is. They open with a link to how hospitals "trash valuable medications", where they wrote:
Every week in Des Moines, Iowa, the employees of a small nonprofit collect bins of unexpired prescription drugs tossed out by nursing homes after residents died, moved out or no longer needed them. The drugs are given to patients who couldn’t otherwise afford them.
But travel 1,000 miles east to Long Island, New York, and you’ll find nursing homes flushing similar leftover drugs down the toilet, alarming state environmental regulators worried they’ll further contaminate the water supply.
In Baltimore, Maryland, a massive incinerator burns up tons of the drugs each year — for a fee — from nursing homes across the Eastern seaboard.
If you want to know why the nation’s health care costs are among the highest in the world, a good place to start is with what we throw away. Across the country, nursing homes routinely toss large quantities of perfectly good prescription medication: tablets for diabetes, syringes of blood thinners, pricey pills for psychosis and seizures.
So, piling on "we're wasting drugs" in context, but the actual reference (their own!) isn't about expiration dates.
The other thing they linked, in the same sentence, was hospitals discarding unexpired catheters, staplers, and IV bags.
So neither of those suggests that hospitals and pharmacies are destroying expired prescription drugs by the shitload. Next paragraph.
What if the system is destroying drugs that are technically “expired” but could still be safely used?
YES, WHAT IF?
Will ProPublica reveal that, yes, hospitals and pharmacies are discarding shitloads of expired drugs?
In his lab, Gerona ran tests on the decades-old drugs[...]
[...]A dozen of the 14 compounds were still as potent as they were when they were manufactured, some at almost 100 percent of their labeled concentrations.
[...]The news media is rife with stories of medications priced out of reach or of shortages of crucial drugs, sometimes because producing them is no longer profitable.
Nothing yet, except that you should be outraged because cr
I'm pretty sure that this experiment didn't set out to prove the FDA is corrupt and is maliciously slapping arbitrary expiry dates on drugs so you would waste your money.
Have you ever read ProPublica? Of course it did. I'm conflicted over this because this looks like an actual, valid concern; ProPublica is really good at taking facts and using them to construct an inaccurate narrative to get people angry at someone they trust. It's surprising how readily you can line up a bunch of things that are themselves true and create a complete lie, although ProPublica often simply misinterprets, mischaracterizes, and makes overgeneralized statements about the facts.
You shouldn't take unknown quantities of drugs. You could take a full dose but not respond clinically, then take an overdose and have a toxic response. Mixing NSAIDs can cause fatal gastric bleeding, so you could swap to ibuprofen and die. It's unlikely, but it happens.
There are a lot of drugs where it's plenty damned likely that doubling up or switching will kill you or do serious damage.
Aspirin is very stable. The free salicylic acid in a well-manufactured aspirin tablet kept at stable temperature and humidity for six months typically gets no higher than 3%.
After 40 years, it should be about 9% strength; "effectiveness" might not linearly correlate with "strength", in this context. It'd be nice if they used sensible descriptors, although I guess if anywhere from 30mg to 50mg of a drug is exactly as-effective--many drugs do show no increase in patient response above a given dose, but no increase in side-effects (toxicity) until some significantly-higher dose--then losing 40% of its strength from 50mg would render it no less effective.
Kernel bugs generally don't get exploit protection; and CVE scores don't account for exploit mitigation prevention. If your little proxy server is vulnerable to a buffer overflow from a long domain name, then it's RCE. Never mind that RCE is physically-impossible because, once you guess your way past ASLR and perform a return-to-libc to change memory protections, it turns out the OS won't allow memory that's ever been writable to become executable, thus preventing a bit from being set which is plugged into a physical AND gate that controls the write pin for the ITLB and ICache; your program is vulnerable, end of story. Your OS can catch it and stop the exploit, but your program is still broken in that way.
They weren't specifically-aware of these exploits though. That's the point: that these don't work on Windows 10 isn't the storm from which Microsoft tried to save us; it's just another storm nobody predicted, and nobody predicted one this bad. "We told you to switch to Windows 10! You should have listened! Look what happened!" isn't much of a valid argument because Microsoft's decision to push for Windows 10 wasn't based on "what happened", or any prediction thereof.
Attribution to incompetence doesn't fit here, because the outcome is sheer brilliance. It's not that MS was brilliant in driving people onto Windows 10 by every means expedient; it's that they did, and, by some happenings of coincidence, this happened. Attribution goes to blind luck.
As for exploit mitigation, yeah, they've actually been doing a good job of that. In this case, it doesn't help; SMB1 is disabled by default on Windows 10, else it would be vulnerable still.
Here's how to disable the keylogger you claim doesn't exist: http://www.pcworld.com/article... [pcworld.com]
That takes handwriting samples, not a full transcripted record. There's a difference. It's still an information leak, but it's not a keylogger in that it's not, you know, logging a transcript of everything you type, or selectively logging sensitive information (passwords), or whatnot.
Here's the file sniffer that probably exists, or at least, you give them permission for one at any time: https://privacy.microsoft.com/... [microsoft.com]
When we started down the road of "Windows 10 Is Spyware", there was a claim that it copied gigabytes and gigabytes of everything up to Microsoft because it copied all of the files on your hard drive to Microsoft's servers. Even Fedora and Ubuntu send memory contents and copies of configuration files up in automated bug reports (you should be freaked out by memory contents, which contain your private ssh keys and such).
When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.
Every entity who takes payments does this. The payment processor does this. It's done repeatedly up the entire chain.
Finally, we will access, transfer, disclose, and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive)
This is stuff in The Cloud, not stuff on your PC. I can use these services from Ubuntu, and I can use Windows without using these services.
when we have a good faith belief that doing so is necessary to: ...protect the rights or property of Microsoft, including enforcing the terms governing the use of the services
Informing you that they have their hands on stuff they can rummage through for legal discovery if you're using their cloud services to store thats tuff on your servers, yes. Shocking revalation: Gmail also can dig through your e-mail for evidence if they file suit against you; Yahoo has access to your e-mail.
however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer's private content ourselves, but we may refer the matter to law enforcement.
That's actually an odd voluntary limitation.
None of this stuff is particularly-shocking. Siri, Google, and Alexa have voice samples and typing pattern vectors collected from cell phone and tablet users. Automated bug reporting systems collect files, memory dumps, and so forth. Payment processors run your credit data through all kinds of fraud checks (I used to use people's information to find their home address and the names of the people who lived with them when I was doing fraud checks at a Web host--we didn't like paying $25 for chargebacks, so we essentially investigated people before charging their card). Cloud services have your data and may rummage through it during investigations and legal discovery .
Where is the spyware? Where is the constant, continuous keylogging, the transcripting of everything you do? Where's the secret of every document you ever generate, the e-mails sucked from your Thunderbird desktop client that's linked to your Gmail account via IMAP? Where is it?
For that matter, where's the stuff that separates Windows from iOS, Android, Ubuntu, and Fedora? Where's the differentiation between Microsoft and the likes of Apple, Google, and Yahoo?
The whole concept is ridiculous anyway. You don't need to-the-microsecond updates about traffic 30 miles away; to-the-minute is fine, and we can do way better than that.
Real-time situational awareness from anything other than your own sensors should come from a mesh network with nearby cars.
I'm the guy who speaks up all the time, gets in arguments with my boss, and tells people when they're wrong repeatedly. I get a lot of flack.
Also, senior executives brought up my shiny new motorcycle in a meeting about business continuity.
Apparently I'm considered so critical an asset that learning to ride a motorcycle was a major topic at an executive meeting about risks faced by the business. I seriously need to change my position, train my replacement, and do something more-useful here. They're already forced to listen to me point out the problems that will cripple our business, and they've even started fixing them with large and expensive endeavors--and noticed that these endeavors have paid huge dividends. They may as well let me start fixing it.
So yeah, keep your head down; I'll keep your salary.
While jQuery is kind of crap, you'll have a hard time explaining why.
A lot of things done right are done with more code, not less. Instrumentation and framework, encapsulation, things that make your program maintainable and segment it into logical pieces all have some programmatic overhead. Only an immature programmer would pre-optimize by throwing away the maintainability of the codebase to save a few lines of code.
Security by obscurity is not security. We can now use his published exploit to prime our IDS and IPS. There's no way he could get this to every IDS vendor in the world; he'd have to identify them all, and even I can't do that.