There is a reason parents supervise their kids internet. Letting a young teen on 4chan would lead to about the same ends. AI is still as gullible as a kid.
>When I can ask the AI 'I need a program that can beat any human at go' and it can deliver a product as good as AlphaGo then we'll truly have what counts as real AI.
Uh, if you can ask the AI that, then you already have an ASI. AlphaGo has taken at least 2 years to design along with the input of an entire team of programmers, experts, and go players.
No, if an AI can answer the question you want, it really has no need for humans any longer.
40TB HDD? It's apt to fail before you read all the data off of it... Ok, I'm only slightly joking there. The IOPS will still be piss poor on spinning media, so it will only get good throughput with large files, current benchmarks on 8TB drives show around a 150MBps read and write, if that holds the same, it will take over 70 hours to transfer all 40TB, in the best case scenarios.
> If an attacker can put a random binary on your local drive then they already own your machine
Pretty much no.
>If a miscreant cuts your brake line without your knowledge,
Terrible analogy. Because it's not what's occurring here. They don't have unrestricted access to critical systems on your car. It's more like they put a brake line cutting machine in your front seat. It's not until you get into the car and say "Are you sure you want to run the program START CAR with administrative access" that your line can be cut.
Let's go back to your original idea that the machine is compromised. If I have a virus file in C:\Dont_execute_anything_from_here, is my machine compromised? No, in most cases a file sitting on the drive would not randomly self execute. But, now let's say file "bad_code.exe" was written in such a way it took over program flow from my anti-virus when it was scanned. We would certainly say that the anti-virus vendor was at fault in this case.
>They've already owned the box just to put the DLL there.
Not exactly.
With UAC a prompt occurs to get administrative access, if this occurs at a time when the user does not expect it they may very well say no. Drive by downloads are one particular class of bug that can put a file in downloads, but have no risk of executing the file at that time, yes they are a bug that needs fixed, but one that seems to commonly occur. It is only later when an administrative installer executes that the system can be fully taken over.
Your stock can drop instantly by half due to a computer error, but if the actual value of your stock is worth more than that, it will quickly return to its original value. It's called holding long term.
The issue here that you're having a problem with is people near the trading core can react much faster to real bad news, and you don't like it much.
That is a silly view you have. You cares what the underlying technology is when you are making long term investments. HFT will just get your order filled faster. If you are attempting to day trade
Don't.
If it wasn't AB+ (which is really odd in a gov organization), you would just have an SSL inspection box that filtered out any crap they didn't want. Personally I don't want ads and their associated trackers 'monitoring' inside of government networks. Nefarious 3rd parties could easily buy or steal that data and use it to attack your network.
Buy a logging chain and wrap it around one of the cable junctions at the side of the road. Then figure out a way to attach it to a passing dump truck without a) ripping your arms off and b) getting caught. The broken windows fallacy is only a fallacy when it's keeping you from getting upgraded service.
>Do you expect your fellow citizens to pay more tax so that you can reap more private profit?
Yes. Because when you do this for something that isn't just a pet project, but benefits everyone in society it increases everybody's profit. Of course I'm sure you've not read a damn thing about utilities and public works in the last 100 years so you're a little ignorant about all that.
Then we need a way to separate rural and urban markets so monopoly providers stop providing 'rural' speeds to high density areas. Of course even that would be gamed by the ISP/Cable lobby.
>I've been on 25/5 and on 3/1 and really can't tell much difference because most stuff is oversold to be barely tolerable
Just because you live in Comcast or Centurylink's area doesn't mean that other places with better internet don't exist. I currently have 100/10, and would I notice a difference between that and 25/5, no, but the four other people in my house watching videos and playing games don't notice each other slowing down the net either.
That said, until a way to sue ISPs for their complete and total lack of providing their advertized service exists, many places will continue to have crap service.
>Distributed generation, as it reduces the amount of electricity that must be moved over long distances, is more efficient, and therefore cheaper
Only if generation + losses is more expensive than each small generation plant, or have you forgot what economy of scale means.
Also distributed generation is expensive because the entire grid has to be redesigned from a from the centralized generation where a few big units determine the clock of the network to a smart network that will require millions if not billions in upgrades to stabilize millions of input sources.
Not a random length. You want a fixed total length. Say your longest possible password is 64 characters. You want to pad out every password to 96 characters, so if the users password is only 6 characters long an additional 90 random characters are padded. That way no statistical attacks can be performed.
That's for a random MITM attack. If the attacker controlled the non-https page that sent you to the https page he wanted information from almost all of that is predictable.
The NOC at our cable company was bitching to me about how bad newer Cisco enterprise equipment handled IPv6 at their headend. Just because an IPv6 tickbox is checked off by the manufacture doesn't mean it actually works right in production.
If the user didn't have a bandwidth cap, then no, you'd want to serve as much as possible, but have it in a low priority QoS profile. If the attacker was saving files you could exhaust their free disk space eventually, most of these hacked shells don't have terabytes available.
>You're wrong. Weak crypto is better than nothing.
I'd say you're wrong.
If your device only supports weak crypto it is highly likely that it is not receiving *any* updates. Crypto library errors (not related to the cipher itself) are far too common. These errors commonly lead to the compromise of the device. If https/ssl had not been enabled on the device, your data could be compromised but not the device itself (unless you send the device admin password in the cleartext).
>Some things just don't need to be encrypted. This recent "HTTPS everywhere!" crap is making things worse.
The problem in that is determining which things, and which things if intercepted will cause a security problem. For people on wireless, especially open wireless, https is another layer of protection that can keep local area attacker from compromising their equipment. From a security and anti-monitoring standpoint, everything needs encrypted.
> just because Google thinks that pulling down weather forecasts requires perfectly secure SSL connections?
Yes. Because *everything* that is served with a Google cookie or by a Google server should be protected by strong encryption so you can't use one function to attack another function inside the same domain. I'm pretty sure you're fucking clueless at the risk profiles at this point and why so many different groups want to get rid of SHA-1.
Software does wear out. It wears out when it becomes a serious risk to everyone that uses it.
If your shit is old, broken and obsolete, you are now responsible for putting a SHA2+ > SHA-1 conversion between them at your own cost.
> What business is it of Microsoft, or Alphabet (Google), or Mozilla if someone is using an insecure piece of software? It's not their system.
Herd immunity. Your insecure shit affects everybody on the internet. Which goes to the car thing... if your car is found to have a dangerous defect, the state you live in can black flag it and fine you or tow you if you drive it, until it is repaired. Or, in other cases you will not be able to get a certificate of inspection when your previous decal expires.
>Whatever happened to letting people decide how they manage their systems?
It turns out that 99% of them are fucking idiots that have open spam relays, scan other networks for, or otherwise cause problems.
But what's even funnier about your rant, is not, you don't have to upgrade your broken old crap. You just don't get to talk to my server. By being able to talk to my server with your broken shit, you make my server more insecure.
Slashdot Mirror
There is a reason parents supervise their kids internet. Letting a young teen on 4chan would lead to about the same ends. AI is still as gullible as a kid.
>When I can ask the AI 'I need a program that can beat any human at go' and it can deliver a product as good as AlphaGo then we'll truly have what counts as real AI.
Uh, if you can ask the AI that, then you already have an ASI. AlphaGo has taken at least 2 years to design along with the input of an entire team of programmers, experts, and go players.
No, if an AI can answer the question you want, it really has no need for humans any longer.
> we would not see this on the desktop in ten years.
The 5d version was based in a single server. It only had something like 8GPUs and 40 CPU cores and still was pretty good.
The 9d version is the distributed version that took so much processing power.
40TB HDD? It's apt to fail before you read all the data off of it... Ok, I'm only slightly joking there. The IOPS will still be piss poor on spinning media, so it will only get good throughput with large files, current benchmarks on 8TB drives show around a 150MBps read and write, if that holds the same, it will take over 70 hours to transfer all 40TB, in the best case scenarios.
> If an attacker can put a random binary on your local drive then they already own your machine
Pretty much no.
>If a miscreant cuts your brake line without your knowledge,
Terrible analogy. Because it's not what's occurring here. They don't have unrestricted access to critical systems on your car. It's more like they put a brake line cutting machine in your front seat. It's not until you get into the car and say "Are you sure you want to run the program START CAR with administrative access" that your line can be cut.
Let's go back to your original idea that the machine is compromised. If I have a virus file in C:\Dont_execute_anything_from_here, is my machine compromised? No, in most cases a file sitting on the drive would not randomly self execute. But, now let's say file "bad_code.exe" was written in such a way it took over program flow from my anti-virus when it was scanned. We would certainly say that the anti-virus vendor was at fault in this case.
>They've already owned the box just to put the DLL there.
Not exactly.
With UAC a prompt occurs to get administrative access, if this occurs at a time when the user does not expect it they may very well say no. Drive by downloads are one particular class of bug that can put a file in downloads, but have no risk of executing the file at that time, yes they are a bug that needs fixed, but one that seems to commonly occur. It is only later when an administrative installer executes that the system can be fully taken over.
Your stock can drop instantly by half due to a computer error, but if the actual value of your stock is worth more than that, it will quickly return to its original value. It's called holding long term.
The issue here that you're having a problem with is people near the trading core can react much faster to real bad news, and you don't like it much.
That is a silly view you have. You cares what the underlying technology is when you are making long term investments. HFT will just get your order filled faster. If you are attempting to day trade
Don't.
If it wasn't AB+ (which is really odd in a gov organization), you would just have an SSL inspection box that filtered out any crap they didn't want. Personally I don't want ads and their associated trackers 'monitoring' inside of government networks. Nefarious 3rd parties could easily buy or steal that data and use it to attack your network.
Buy a logging chain and wrap it around one of the cable junctions at the side of the road. Then figure out a way to attach it to a passing dump truck without a) ripping your arms off and b) getting caught. The broken windows fallacy is only a fallacy when it's keeping you from getting upgraded service.
>Do you expect your fellow citizens to pay more tax so that you can reap more private profit?
Yes. Because when you do this for something that isn't just a pet project, but benefits everyone in society it increases everybody's profit. Of course I'm sure you've not read a damn thing about utilities and public works in the last 100 years so you're a little ignorant about all that.
Then we need a way to separate rural and urban markets so monopoly providers stop providing 'rural' speeds to high density areas. Of course even that would be gamed by the ISP/Cable lobby.
Being the majority of the population lives in larger population centers, that is the correct solution.
>I've been on 25/5 and on 3/1 and really can't tell much difference because most stuff is oversold to be barely tolerable
Just because you live in Comcast or Centurylink's area doesn't mean that other places with better internet don't exist. I currently have 100/10, and would I notice a difference between that and 25/5, no, but the four other people in my house watching videos and playing games don't notice each other slowing down the net either.
That said, until a way to sue ISPs for their complete and total lack of providing their advertized service exists, many places will continue to have crap service.
>Distributed generation, as it reduces the amount of electricity that must be moved over long distances, is more efficient, and therefore cheaper
Only if generation + losses is more expensive than each small generation plant, or have you forgot what economy of scale means.
Also distributed generation is expensive because the entire grid has to be redesigned from a from the centralized generation where a few big units determine the clock of the network to a smart network that will require millions if not billions in upgrades to stabilize millions of input sources.
Not a random length. You want a fixed total length. Say your longest possible password is 64 characters. You want to pad out every password to 96 characters, so if the users password is only 6 characters long an additional 90 random characters are padded. That way no statistical attacks can be performed.
That's for a random MITM attack. If the attacker controlled the non-https page that sent you to the https page he wanted information from almost all of that is predictable.
>have been conditioned for years to believe anything plugged into the inside of their router is safe from outside access or discovery.
The nightmare of UPNP.
The NOC at our cable company was bitching to me about how bad newer Cisco enterprise equipment handled IPv6 at their headend. Just because an IPv6 tickbox is checked off by the manufacture doesn't mean it actually works right in production.
If the user didn't have a bandwidth cap, then no, you'd want to serve as much as possible, but have it in a low priority QoS profile. If the attacker was saving files you could exhaust their free disk space eventually, most of these hacked shells don't have terabytes available.
And IE has experienced a fair share of holes with mixed zone content compromising its browser.
Again, why should FF/Chrome compromise my machine because of your inability to keep your devices updated?
>You're wrong. Weak crypto is better than nothing.
I'd say you're wrong.
If your device only supports weak crypto it is highly likely that it is not receiving *any* updates. Crypto library errors (not related to the cipher itself) are far too common. These errors commonly lead to the compromise of the device. If https/ssl had not been enabled on the device, your data could be compromised but not the device itself (unless you send the device admin password in the cleartext).
>Some things just don't need to be encrypted. This recent "HTTPS everywhere!" crap is making things worse.
The problem in that is determining which things, and which things if intercepted will cause a security problem. For people on wireless, especially open wireless, https is another layer of protection that can keep local area attacker from compromising their equipment. From a security and anti-monitoring standpoint, everything needs encrypted.
>The cost of upgrading can be very high
In general it's higher than the cost of the hardware itself.
> just because Google thinks that pulling down weather forecasts requires perfectly secure SSL connections?
Yes. Because *everything* that is served with a Google cookie or by a Google server should be protected by strong encryption so you can't use one function to attack another function inside the same domain. I'm pretty sure you're fucking clueless at the risk profiles at this point and why so many different groups want to get rid of SHA-1.
Software does wear out. It wears out when it becomes a serious risk to everyone that uses it.
If your shit is old, broken and obsolete, you are now responsible for putting a SHA2+ > SHA-1 conversion between them at your own cost.
> What business is it of Microsoft, or Alphabet (Google), or Mozilla if someone is using an insecure piece of software? It's not their system.
Herd immunity. Your insecure shit affects everybody on the internet. Which goes to the car thing... if your car is found to have a dangerous defect, the state you live in can black flag it and fine you or tow you if you drive it, until it is repaired. Or, in other cases you will not be able to get a certificate of inspection when your previous decal expires.
>Whatever happened to letting people decide how they manage their systems?
It turns out that 99% of them are fucking idiots that have open spam relays, scan other networks for, or otherwise cause problems.
But what's even funnier about your rant, is not, you don't have to upgrade your broken old crap. You just don't get to talk to my server. By being able to talk to my server with your broken shit, you make my server more insecure.
Good riddance, you lice infected cur.