In the end it's just a Git repo, if you have 20 programmers, you have at least one of them that can set up a server somewhere, there are even VPS providers that will fully manage a container. Sure the UI is nice, but there are better Git programs on the desktop, most of which are free.
The problem seems to be '600 employees'. I can understand a handful of coders, designers and sales people but 600 of them and then sending those 600 people all over the world? That's a huge enterprise, you could run Github on the management costs of that bunch alone unless those people are actually supporting the programs you have put in your GitHub for you, I don't see how that is even remotely possible.
The only way to reboot a locked macOS is to physically turn it off, this pretty much un-powers the memory and removes any trace of a password in there.
From what I understand, it can read the credentials in between the EFI unlocking the disk and the OS loading the VT-d protection, so either you have turned your machine to sleep in between those moments or you have a method of reloading the OS (soft reboot) without the memory in RAM decaying.
And as we have learned, credibility is largely dependent on who a person or group trusts.
Breitbart, Infowars, Fox News on one end and CNN, Salon and HuffPo are all 'credible' news sources to many people, yet I wouldn't trust any of them to fact-check anything, we've learned how well either of those avenues went last election. Snopes and Politifact are similarly plagued with past credibility or at least bias issues.
Again, do your own "fact" checking and if it seems like both sides are screaming opposite 'facts', then you know it's probably neither.
All a hypervisor is is a program telling the processor it's a hypervisor and then it can do whatever (given off course the OS has given it such privileges to the CPU). The EFI can simply say to the CPU "hey, I'm a hypervisor, block all access to the/this memory from any attached devices" until a 'fuller' OS comes along and then it just hands whatever credentials over.
VT-d is an extension to the x86 CPU instruction set specifically for these kinds of purposes since these days everything is virtualized and things like GPU's can pretty much run any random program, a virtualized guest using a hardware GPU could program the GPU to copy any memory the GPU has access to (which for historical reasons and DMA, is pretty much anything). VT-d simply locks the CPU to only give a device access to whatever memory a hypervisor allows it access to.
It seems the tally is off by 1/3rd of the vote in that county. "They didn't record entries in the poll book" - what do you think that means, either they didn't show up and the ballots were stuffed afterwards or a concerted effort of election officials to not put entires in the poll books? Suspiciously, once that news came out, 24h later the decision was made to cancel the recount by the same Obama-appointed judge that called for it in the first place.
Or the fact checkers are either biased or in on it.
You should be very careful about people that say they have the 'truth' or 'facts' about anything. Whether you call them fact-checkers or censors, the result remains the same.
The 'hack' requires the device to be plugged in while the user types in the password. It's an advanced type of key logger but requires a huge chunk of hardware to be attached.
The 'hack' is prevented by enabling VT-d (basically virtualization of the PCIe devices) which prevents PCIe devices to have direct access to the hypervisor's memory.
Retrieve memory from the target system at >150MB/s. Write data to the target system memory. 4GB memory can be accessed in native DMA mode. ALL memory can be accessed if kernel module (KMD) is loaded. Execute kernel code on the target system. Spawn system shell [Windows]. Spawn any executable [Windows]. Load unsigned drivers [Windows]. Pull files [Linux, FreeBSD, Windows, macOS]. Push files [Linux, Windows, macOS]. Patch / Unlock (remove password requirement) [Windows, macOS].
All of the above does not work in latest macOS and Linux, works in pretty much any older Linux or Windows version, protection feature set for Windows only available in Windows Enterprise.
Also today: CIA and NSA brass has refused to testify in front of congress as to the facts of these allegations. The narrative being pushed into the media and the very circumstantial evidence together with the "just trust us, we are the good guys" makes it seem very fishy. Clinton has indicated she wants to steer into another Cold War, her surprise loss to Trump sent the industrial complex into a frenzy trying to force the hands of both Russia and US.
There is a difference between us being forced into trades that import goods and export labour vs. trades that are exporting goods and import labour.
Unless you want NAFTA/TPP and the associated global copyright police to continue proliferating. Those are bad examples, they force Western labor into a marketplace they cannot compete with (namely the cheap, unregulated Asian work/slave forces).
There is no evidence Russia had anything to do with the hacking of the e-mails, Wikileaks revealed them but they were most likely an internal leak (William Binney, an NSA whistleblower has posited as much publicly).
And if we keep the current pace previous presidents have set us on we will fail as a nation. Obamacare is about to run out of steam with costs rising 20-500% in the next year for pretty much everyone, Social Security has been bankrupted, national debt and budgets are way worse than some 3rd world countries, companies are fleeing, there will be a husk left if nothing gets done.
Okay, they are expensive VPS with an API to generate more VPS from a barebones image. Once you get down to the metal, there is actually nothing new or complex to the whole cloud thing, yes, the programs are more complex to bootstrap a virtual datacenter instead of a single virtual server but there is no 'special sauce' going on that turns it into a self-aware entity that knows how to obtain more resources.
We had a similar setup way back when I first entered the industry at a dotcom hosting company, I was one of a total of 4 engineers and 4 programmers (about 12 staff total) operating 2 fully owned data centers and 3 shared data centers, each had several thousand nodes, being backed up, deployed on demand etc. We rented out dedicated machines, virtual machines (containers) and shared hosting.
I highly doubt they are going to call the White House public phone numbers. Do you really think the Obama's school teachers have to schedule calls 6m ahead? They still have private numbers and a select group of people has access to them, among them are the rich and famous that a president needs/wants, lobbyists that have donated(bribed) previous offices and campaigns of the party or president.
I also don't think Trump is going to follow protocol (for good or for bad). The president has at least for the last few decades been a figurehead for the political party they belong to, tightly scheduled and controlled so as to limit their exposure and guide decision making according to the collective political plans, that was clear when 9/11 happened and Bush was in a classroom, he had no clue what to do next because nobody prodded him. It seems that Trump wants to run the country as a business and he takes being the president as being a CEO of the USA with control over what the US is going to do, he's going to quickly realize layers and layers of politicians are going to stop any and all decision making he wants to do until he gets "in line", it happened to Obama (let's close Gitmo, pull out the Middle East and comprehensive health insurance for everyone) and will happen to Trump because the military wants to stay in the Middle East, politicians tough on crime want to keep hellhole prisons and the health industry wants to keep gouging you for medicine and those interests are much more powerful (and deadly) than a single person.
It seems companies are finally realizing they've been over-saturating the market with cheap VPS and people are finally starting to realize the security and other implications of shared hosting at a handful of providers.
I don't know if Dyn's outage a few weeks ago finally got the managers to listen and start diversifying their systems again.
I don't have a problem with features like WebRTC, there is a problem with browsers just allowing it to do things without asking. If you got a message saying, hey this site is trying to make a phone call. Or simply block all code that doesn't originate from the website you're trying to visit.
If your org chart is top heavy or vertical layers of managers (lots of upper and middle management) you can quickly conclude that things have to be shaken up. It also helps to see who to call in case of a problem. I've seen organizations where there were more managers than workers, in those cases you can easily snip out entire layers without affecting actual productivity.
The problem is that they are missing things like isolation transformers. They are directly ran from the net, converted to 155-325 VDC (VAC * sqrt(2)) often with a single diode instead of a bridge, the transformer you may see could be a flyback to create a chopper but the isolation circuit between the PWM and the mains is often missing (who needs a $5 opto-isolator when a $0.25 transistor will do)
I've seen circuits that are literally textbook circuits, those are barebones introductory to understand the operation of a SMPS, not intended as a proper designed circuit.
A 60W DC-DC converter chip alone costs ~$10 and change in volumes of 100+ without the heat sink, coils, capacitors, wiring, casing, design, marketing, sales or profit.
If your power adapter costs $20 your charger most likely is based on a reference design which is not even halfway complete.
No, $70 is about average for a good compact high power power supply. Just a good DC-DC converter chip costs ~$10 in large volumes, if your power supply costs less than the components it (should) be made out of, they're skimping on something and you can be sure that it won't be good for you.
it you take over a business, one of the first thing you do is ask for an org chart. That way you know who is in charge and where the waste is. Let's say the company is spending a million dollar on travel expenses to a UN convention, the first question would be: so who is going that it costs us so much money, what did you learn and how did you turn that into progress, that is regardless of your personal opinion on whether the topic was legitimate.
Slashdot Mirror
But as I said, there's plenty of providers being able to spin that up and once it's 'figured out' you can always spin up more.
In the end it's just a Git repo, if you have 20 programmers, you have at least one of them that can set up a server somewhere, there are even VPS providers that will fully manage a container. Sure the UI is nice, but there are better Git programs on the desktop, most of which are free.
The problem seems to be '600 employees'. I can understand a handful of coders, designers and sales people but 600 of them and then sending those 600 people all over the world? That's a huge enterprise, you could run Github on the management costs of that bunch alone unless those people are actually supporting the programs you have put in your GitHub for you, I don't see how that is even remotely possible.
The only way to reboot a locked macOS is to physically turn it off, this pretty much un-powers the memory and removes any trace of a password in there.
From what I understand, it can read the credentials in between the EFI unlocking the disk and the OS loading the VT-d protection, so either you have turned your machine to sleep in between those moments or you have a method of reloading the OS (soft reboot) without the memory in RAM decaying.
And as we have learned, credibility is largely dependent on who a person or group trusts.
Breitbart, Infowars, Fox News on one end and CNN, Salon and HuffPo are all 'credible' news sources to many people, yet I wouldn't trust any of them to fact-check anything, we've learned how well either of those avenues went last election. Snopes and Politifact are similarly plagued with past credibility or at least bias issues.
Again, do your own "fact" checking and if it seems like both sides are screaming opposite 'facts', then you know it's probably neither.
All a hypervisor is is a program telling the processor it's a hypervisor and then it can do whatever (given off course the OS has given it such privileges to the CPU). The EFI can simply say to the CPU "hey, I'm a hypervisor, block all access to the/this memory from any attached devices" until a 'fuller' OS comes along and then it just hands whatever credentials over.
VT-d is an extension to the x86 CPU instruction set specifically for these kinds of purposes since these days everything is virtualized and things like GPU's can pretty much run any random program, a virtualized guest using a hardware GPU could program the GPU to copy any memory the GPU has access to (which for historical reasons and DMA, is pretty much anything). VT-d simply locks the CPU to only give a device access to whatever memory a hypervisor allows it access to.
AMD has a similar/compatible instruction set.
It seems the tally is off by 1/3rd of the vote in that county. "They didn't record entries in the poll book" - what do you think that means, either they didn't show up and the ballots were stuffed afterwards or a concerted effort of election officials to not put entires in the poll books? Suspiciously, once that news came out, 24h later the decision was made to cancel the recount by the same Obama-appointed judge that called for it in the first place.
Or the fact checkers are either biased or in on it.
You should be very careful about people that say they have the 'truth' or 'facts' about anything. Whether you call them fact-checkers or censors, the result remains the same.
The 'hack' requires the device to be plugged in while the user types in the password. It's an advanced type of key logger but requires a huge chunk of hardware to be attached.
The 'hack' is prevented by enabling VT-d (basically virtualization of the PCIe devices) which prevents PCIe devices to have direct access to the hypervisor's memory.
The $300 device can also do the following:
Retrieve memory from the target system at >150MB/s.
Write data to the target system memory.
4GB memory can be accessed in native DMA mode.
ALL memory can be accessed if kernel module (KMD) is loaded.
Execute kernel code on the target system.
Spawn system shell [Windows].
Spawn any executable [Windows].
Load unsigned drivers [Windows].
Pull files [Linux, FreeBSD, Windows, macOS].
Push files [Linux, Windows, macOS].
Patch / Unlock (remove password requirement) [Windows, macOS].
All of the above does not work in latest macOS and Linux, works in pretty much any older Linux or Windows version, protection feature set for Windows only available in Windows Enterprise.
Pretty much any news outlet except for CNN:
http://www.usatoday.com/story/...
Also today: CIA and NSA brass has refused to testify in front of congress as to the facts of these allegations. The narrative being pushed into the media and the very circumstantial evidence together with the "just trust us, we are the good guys" makes it seem very fishy. Clinton has indicated she wants to steer into another Cold War, her surprise loss to Trump sent the industrial complex into a frenzy trying to force the hands of both Russia and US.
And now the CIA is refusing to back up that claim and witness to congress?
There is a difference between us being forced into trades that import goods and export labour vs. trades that are exporting goods and import labour.
Unless you want NAFTA/TPP and the associated global copyright police to continue proliferating. Those are bad examples, they force Western labor into a marketplace they cannot compete with (namely the cheap, unregulated Asian work/slave forces).
There is no evidence Russia had anything to do with the hacking of the e-mails, Wikileaks revealed them but they were most likely an internal leak (William Binney, an NSA whistleblower has posited as much publicly).
Digital attacks on state election boards were done by federal intelligence agencies: http://www.cnbc.com/2016/12/08...
And if we keep the current pace previous presidents have set us on we will fail as a nation. Obamacare is about to run out of steam with costs rising 20-500% in the next year for pretty much everyone, Social Security has been bankrupted, national debt and budgets are way worse than some 3rd world countries, companies are fleeing, there will be a husk left if nothing gets done.
Okay, they are expensive VPS with an API to generate more VPS from a barebones image. Once you get down to the metal, there is actually nothing new or complex to the whole cloud thing, yes, the programs are more complex to bootstrap a virtual datacenter instead of a single virtual server but there is no 'special sauce' going on that turns it into a self-aware entity that knows how to obtain more resources.
We had a similar setup way back when I first entered the industry at a dotcom hosting company, I was one of a total of 4 engineers and 4 programmers (about 12 staff total) operating 2 fully owned data centers and 3 shared data centers, each had several thousand nodes, being backed up, deployed on demand etc. We rented out dedicated machines, virtual machines (containers) and shared hosting.
I highly doubt they are going to call the White House public phone numbers. Do you really think the Obama's school teachers have to schedule calls 6m ahead? They still have private numbers and a select group of people has access to them, among them are the rich and famous that a president needs/wants, lobbyists that have donated(bribed) previous offices and campaigns of the party or president.
I also don't think Trump is going to follow protocol (for good or for bad). The president has at least for the last few decades been a figurehead for the political party they belong to, tightly scheduled and controlled so as to limit their exposure and guide decision making according to the collective political plans, that was clear when 9/11 happened and Bush was in a classroom, he had no clue what to do next because nobody prodded him. It seems that Trump wants to run the country as a business and he takes being the president as being a CEO of the USA with control over what the US is going to do, he's going to quickly realize layers and layers of politicians are going to stop any and all decision making he wants to do until he gets "in line", it happened to Obama (let's close Gitmo, pull out the Middle East and comprehensive health insurance for everyone) and will happen to Trump because the military wants to stay in the Middle East, politicians tough on crime want to keep hellhole prisons and the health industry wants to keep gouging you for medicine and those interests are much more powerful (and deadly) than a single person.
It seems companies are finally realizing they've been over-saturating the market with cheap VPS and people are finally starting to realize the security and other implications of shared hosting at a handful of providers.
I don't know if Dyn's outage a few weeks ago finally got the managers to listen and start diversifying their systems again.
I don't have a problem with features like WebRTC, there is a problem with browsers just allowing it to do things without asking. If you got a message saying, hey this site is trying to make a phone call. Or simply block all code that doesn't originate from the website you're trying to visit.
Then how would you do things like tracking your users or serving them exploits or show them ads that pop up/under or cover the entire screen?
If ads can't be annoying they would have less value.
If your org chart is top heavy or vertical layers of managers (lots of upper and middle management) you can quickly conclude that things have to be shaken up. It also helps to see who to call in case of a problem. I've seen organizations where there were more managers than workers, in those cases you can easily snip out entire layers without affecting actual productivity.
The problem is that they are missing things like isolation transformers. They are directly ran from the net, converted to 155-325 VDC (VAC * sqrt(2)) often with a single diode instead of a bridge, the transformer you may see could be a flyback to create a chopper but the isolation circuit between the PWM and the mains is often missing (who needs a $5 opto-isolator when a $0.25 transistor will do)
I've seen circuits that are literally textbook circuits, those are barebones introductory to understand the operation of a SMPS, not intended as a proper designed circuit.
A 60W DC-DC converter chip alone costs ~$10 and change in volumes of 100+ without the heat sink, coils, capacitors, wiring, casing, design, marketing, sales or profit.
If your power adapter costs $20 your charger most likely is based on a reference design which is not even halfway complete.
No, $70 is about average for a good compact high power power supply. Just a good DC-DC converter chip costs ~$10 in large volumes, if your power supply costs less than the components it (should) be made out of, they're skimping on something and you can be sure that it won't be good for you.
it you take over a business, one of the first thing you do is ask for an org chart. That way you know who is in charge and where the waste is. Let's say the company is spending a million dollar on travel expenses to a UN convention, the first question would be: so who is going that it costs us so much money, what did you learn and how did you turn that into progress, that is regardless of your personal opinion on whether the topic was legitimate.