You could probably build one with an Arduino chip in them for a lot less. How hard is it to emulate all the necessary features and print a 3D case that looks alike?
Yes, Unix is secure by design and Mac OS X has a built-in virus scanner. There is no need to run additional software as none of it would've stopped this exploit short of disabling Java (which was also lauded as secure by design/sandboxing)
I believe in the US the individual state DMV's have the safety requirements set with the NHTSA setting some guidelines. That's why in Nevada autonomic cars (such as Google Car) is allowed to drive but nowhere else (yet) or in California fully electric vehicles are allowed but nowhere else (yet).
FAA and FDA set federal guidelines for aviation and drugs but from working with the FDA, for electronic devices, all you need is a self-certification that your system works according to spec. I have been involved with writing software which can deliver certain forms of radiation, the only thing we needed to show to the FDA is that our work was being overseen by a PhD who himself didn't understand a line of code. Big companies (like GE and Siemens) outsource this certification to shill companies.
a) Not instant short circuit - the cigarette lighter is able to deliver ~10-15A which is plenty to put something (cabling, plastic or your tinfoil) on fire. b) There are fuses that protect the individual circuits. Outputs that have user-interaction are separately wired (so your iPod charger can't shut down the entire car while driving at full speed) c) Before you blow through the main fuse you would need to draw 80-120A. Those fuses are humongous. d) Even if you manage to blow all the fuses in the car, a gas engine is generally self-powered once it is started, also there is an alternator with a diode bridge which can likewise supply ~80-100A typically but would require a power draw of over 300A to blow through it's internal wiring.
But unlike ATX power supplies, the button is wired directly to the same system which has an OS between the two. ATX power supply and the motherboard are two separate entities, green wire to high or nc will shut the power supply down. In cars, the motherboard controls both the power supply and the rest of the controls with an OS similar to VxWorks.
If the car's electrical control system is malfunctioning, not so much. These days everything is on the same CAN bus (ignition, gears, pedals).
I have had a similar situation happen when my on-board car computer fried, the car was parked but the gearbox wouldn't shift it out of park, the key would operate the electrical system so the steering lock and anti-theft disengaged but the gear lever wouldn't change the gears from park to neutral.
The roadside assistance had fun towing that thing out of a tight parking spot, literally had to drag the thing slowly onto a flatbed, repairs (which were covered under warranty) took several days and would have been $1200 to ship a brand new computer system with matching keys and remotes.
There may not be a bubble but they have jurisdiction in and around any transport hub (busses, trains, planes, shipping centers, post offices...) and through the VIPR program they also have jurisdiction ANYWHERE as long as they 'coordinate' with local or federal law enforcement.
They have at least a USB port to be charging and syncing and you can buy external flash drives for them. Apple sells entire classroom solutions through their EDU reps.
Observation -> Hypothesis -> Predictions -> Test -> Observation -> Scientific Theory (-> Scientific Fact).
Most things in science are Theories - they are the best possible explanation for what we have observed in a verifiable test. Scientific facts are either necessarily vague or very dependent on space and time. There is also the Mathematical Proof in exact sciences.
Says who? It's sexual freedom at the very least which is a form of free speech. Having undefined "violent" pornography one could easily find consensual BDSM, rough sex, rape play, homosexuality and other sexual acts which are very normal.
And I mean ALL ATi cards since the early Radeon 7000's. And the problems aren't just isolated to Windows. You can't get a decent read on the vertical blank timings because their cards are simply shitty and will randomly have frame drops and latency. nVidia seems to have somewhat followed them in their path lately but they were pretty good before.
This is generally not a problem for gamers to lose 1 frame or have a couple of them a bit later (you can't notice it) but when you're doing psychophysics experiments, it becomes a huge fucking problem.
You're forgetting that most virusses and the like don't sit in the boot loader (which is the only thing that's signed). Yes, a bootloader can then load signed OS'es and signed OS'es load signed drivers but at some point, the user has to be able to install something too and that's where the problem lies.
Either you lock out the user or you allow for unsigned code to run (whether it be drivers or applications or scripts). You can't have both. And even if you only allow signed code to run, some programs interpret other code (say PHP or Perl or Python or Java or VBScript or.NET) which will allow any code to run as 'signed'.
So if you go the signing route, in the first place you exclude all tinkerers who load custom Arduino's or other freelance developers (whether it be cell phones or dive computers). Then you also exclude all cheap and unapproved hardware from el-cheapo manufacturer so the control over what hardware you can buy comes to lie with MS. Then you also exclude all custom development and code which will be murder for the Windows platform as that's the ONLY thing that keeps it afloat in the enterprise world.
Or you go the route of allowing developers to run unsigned code and you just defeated your whole 'security' setup.
And with 'thoroughly written' I mean decently written software which most malware is these days. Malware is some of the most efficient and best code around compared to some custom enterprise crap I've seen floating in my days. It only takes one decent programmer and has already been evidenced by malware being available for Windows 8.
Yup. It solves nothing really as a thoroughly written compromise won't change the bits this "technology" checks and we all know the relevant keys will 'leak' at an opportune time for a large government entity to release their software against other large government entity. This is all about control.
b) "Secure Boot"-enabled devices means "Signed by Microsoft only". Microsoft Secure Boot is MS's implementation of UEFI's Secure boot feature. Secure boot is not necessarily a bad thing, Secure Boot is.
That's blatantly untrue. Apple DOES release GPL'd software. You should look into this thing they have called "Mac OS X". Even Microsoft releases GPL software (Windows Services for UNIX).
All motherboard manufacturers have to do is implement UEFI without the encrypted/approved boot loaders. If an OEM wants to do that, that's on them. UEFI is a decent standard but MS perverts it by requiring they are the keepers of the key to the kingdom. Even if they allow anyone and everyone to run on them, what's to say they'll still be around in a decade when Ballmer runs the company over a cliff?
There are non-SecureBoot EFI devices out there. Heck, EFI is a lot older than you think, from ~2000 I think (with Intel Itanium) SecureBoot was only introduced in version 2.2 of UEFI. Even Mac's have EFI and it's both open and replaceable, there has been an open source EFI available since ~2009
The thing is, Apple used the data from a 'reputable' vendor (TomTom). Nobody made any noise ever about stand-alone TomTom devices.
Where I am and in most other places (North America and Europe), the data is as good as any (Google, Garmin, OSM or others) and you can find mistakes on any maps, heck, if there is a mistake in the data for any of the above mentioned, blame the government(s) because they are the ones that release the vector data for all streets in their jurisdictions. The biggest problems with it seem to be in Asia where government data isn't all that accurate.
That's talking about actual map data (the thing that may get you lost). There is a lot more POI data that Apple Maps is either missing or inaccurate and that is directly due to the TomTom data. I also have a Garmin device personally and the POI data is even worse than either the TomTom device or the Apple device, again, nobody has complained about that in years because the address (instead of the POI) usually gets you to the right place and who uses that silly POI data anyway?
Why is the POI data so inaccurate? Because most of it is gleaned from mobile devices with very inaccurate GPS data. For that you can blame all non-iOS and non-Android devices (and even some very cheap Android devices). Symbian and Blackberry both had major issues with the GPS coordinates and when those are then passed through apps to things like Yelp (which resells to the GPS vendors), hilarity ensues.
All iDevices (and most upscale Android devices) can be remotely bricked if set up properly. The problem is 90% of the owners have no clue this is a free service that would immediately drop the want for expensive bricks.
You could probably build one with an Arduino chip in them for a lot less. How hard is it to emulate all the necessary features and print a 3D case that looks alike?
Yes, Unix is secure by design and Mac OS X has a built-in virus scanner. There is no need to run additional software as none of it would've stopped this exploit short of disabling Java (which was also lauded as secure by design/sandboxing)
Even if it breaks even or a net loss, it is a way better investment than the billions spent on "defense".
I believe in the US the individual state DMV's have the safety requirements set with the NHTSA setting some guidelines. That's why in Nevada autonomic cars (such as Google Car) is allowed to drive but nowhere else (yet) or in California fully electric vehicles are allowed but nowhere else (yet).
FAA and FDA set federal guidelines for aviation and drugs but from working with the FDA, for electronic devices, all you need is a self-certification that your system works according to spec. I have been involved with writing software which can deliver certain forms of radiation, the only thing we needed to show to the FDA is that our work was being overseen by a PhD who himself didn't understand a line of code. Big companies (like GE and Siemens) outsource this certification to shill companies.
a) Not instant short circuit - the cigarette lighter is able to deliver ~10-15A which is plenty to put something (cabling, plastic or your tinfoil) on fire.
b) There are fuses that protect the individual circuits. Outputs that have user-interaction are separately wired (so your iPod charger can't shut down the entire car while driving at full speed)
c) Before you blow through the main fuse you would need to draw 80-120A. Those fuses are humongous.
d) Even if you manage to blow all the fuses in the car, a gas engine is generally self-powered once it is started, also there is an alternator with a diode bridge which can likewise supply ~80-100A typically but would require a power draw of over 300A to blow through it's internal wiring.
But unlike ATX power supplies, the button is wired directly to the same system which has an OS between the two. ATX power supply and the motherboard are two separate entities, green wire to high or nc will shut the power supply down. In cars, the motherboard controls both the power supply and the rest of the controls with an OS similar to VxWorks.
If the car's electrical control system is malfunctioning, not so much. These days everything is on the same CAN bus (ignition, gears, pedals).
I have had a similar situation happen when my on-board car computer fried, the car was parked but the gearbox wouldn't shift it out of park, the key would operate the electrical system so the steering lock and anti-theft disengaged but the gear lever wouldn't change the gears from park to neutral.
The roadside assistance had fun towing that thing out of a tight parking spot, literally had to drag the thing slowly onto a flatbed, repairs (which were covered under warranty) took several days and would have been $1200 to ship a brand new computer system with matching keys and remotes.
There may not be a bubble but they have jurisdiction in and around any transport hub (busses, trains, planes, shipping centers, post offices...) and through the VIPR program they also have jurisdiction ANYWHERE as long as they 'coordinate' with local or federal law enforcement.
They have at least a USB port to be charging and syncing and you can buy external flash drives for them. Apple sells entire classroom solutions through their EDU reps.
It's really:
Observation -> Hypothesis -> Predictions -> Test -> Observation -> Scientific Theory (-> Scientific Fact).
Most things in science are Theories - they are the best possible explanation for what we have observed in a verifiable test. Scientific facts are either necessarily vague or very dependent on space and time. There is also the Mathematical Proof in exact sciences.
Says who? It's sexual freedom at the very least which is a form of free speech. Having undefined "violent" pornography one could easily find consensual BDSM, rough sex, rape play, homosexuality and other sexual acts which are very normal.
Apple, HP, Lenovo, Acer, Asus, ...
And I mean ALL ATi cards since the early Radeon 7000's. And the problems aren't just isolated to Windows. You can't get a decent read on the vertical blank timings because their cards are simply shitty and will randomly have frame drops and latency. nVidia seems to have somewhat followed them in their path lately but they were pretty good before.
This is generally not a problem for gamers to lose 1 frame or have a couple of them a bit later (you can't notice it) but when you're doing psychophysics experiments, it becomes a huge fucking problem.
You can convince someone to write the binary code of a program in notepad if it means they get to see Anna Kournikova's titties.
That was what I was thinking. If the thing stops in the next couple of years and turns around, there may be something else going on.
You're forgetting that most virusses and the like don't sit in the boot loader (which is the only thing that's signed). Yes, a bootloader can then load signed OS'es and signed OS'es load signed drivers but at some point, the user has to be able to install something too and that's where the problem lies.
Either you lock out the user or you allow for unsigned code to run (whether it be drivers or applications or scripts). You can't have both. And even if you only allow signed code to run, some programs interpret other code (say PHP or Perl or Python or Java or VBScript or .NET) which will allow any code to run as 'signed'.
So if you go the signing route, in the first place you exclude all tinkerers who load custom Arduino's or other freelance developers (whether it be cell phones or dive computers).
Then you also exclude all cheap and unapproved hardware from el-cheapo manufacturer so the control over what hardware you can buy comes to lie with MS.
Then you also exclude all custom development and code which will be murder for the Windows platform as that's the ONLY thing that keeps it afloat in the enterprise world.
Or you go the route of allowing developers to run unsigned code and you just defeated your whole 'security' setup.
And with 'thoroughly written' I mean decently written software which most malware is these days. Malware is some of the most efficient and best code around compared to some custom enterprise crap I've seen floating in my days. It only takes one decent programmer and has already been evidenced by malware being available for Windows 8.
Yup. It solves nothing really as a thoroughly written compromise won't change the bits this "technology" checks and we all know the relevant keys will 'leak' at an opportune time for a large government entity to release their software against other large government entity. This is all about control.
Non-issue except that Microsoft won't allow you to change the keys or won't sign your custom software without forking large amounts of cash to them.
a) Slashdot probably hyped up the news story.
b) "Secure Boot"-enabled devices means "Signed by Microsoft only". Microsoft Secure Boot is MS's implementation of UEFI's Secure boot feature. Secure boot is not necessarily a bad thing, Secure Boot is.
That's blatantly untrue. Apple DOES release GPL'd software. You should look into this thing they have called "Mac OS X". Even Microsoft releases GPL software (Windows Services for UNIX).
The problem is that MS is not obligated to certify anyone, that it costs a boatload of money to MS and that MS won't be around forever to do it.
All motherboard manufacturers have to do is implement UEFI without the encrypted/approved boot loaders. If an OEM wants to do that, that's on them. UEFI is a decent standard but MS perverts it by requiring they are the keepers of the key to the kingdom. Even if they allow anyone and everyone to run on them, what's to say they'll still be around in a decade when Ballmer runs the company over a cliff?
There are non-SecureBoot EFI devices out there. Heck, EFI is a lot older than you think, from ~2000 I think (with Intel Itanium) SecureBoot was only introduced in version 2.2 of UEFI. Even Mac's have EFI and it's both open and replaceable, there has been an open source EFI available since ~2009
The thing is, Apple used the data from a 'reputable' vendor (TomTom). Nobody made any noise ever about stand-alone TomTom devices.
Where I am and in most other places (North America and Europe), the data is as good as any (Google, Garmin, OSM or others) and you can find mistakes on any maps, heck, if there is a mistake in the data for any of the above mentioned, blame the government(s) because they are the ones that release the vector data for all streets in their jurisdictions. The biggest problems with it seem to be in Asia where government data isn't all that accurate.
That's talking about actual map data (the thing that may get you lost). There is a lot more POI data that Apple Maps is either missing or inaccurate and that is directly due to the TomTom data. I also have a Garmin device personally and the POI data is even worse than either the TomTom device or the Apple device, again, nobody has complained about that in years because the address (instead of the POI) usually gets you to the right place and who uses that silly POI data anyway?
Why is the POI data so inaccurate? Because most of it is gleaned from mobile devices with very inaccurate GPS data. For that you can blame all non-iOS and non-Android devices (and even some very cheap Android devices). Symbian and Blackberry both had major issues with the GPS coordinates and when those are then passed through apps to things like Yelp (which resells to the GPS vendors), hilarity ensues.
All iDevices (and most upscale Android devices) can be remotely bricked if set up properly. The problem is 90% of the owners have no clue this is a free service that would immediately drop the want for expensive bricks.