Consider my post suitable modified. Crust instead of mantle.
My assertion stands. This is a preliminary hypothesis. Your assertion that mainstream science hasn't grasped it yet means that there is insufficient evidence to support it. When that evidence is available, widespread acceptance will happen. Until then, it's just a hypothesis.
In 100% of all motor vehicle accidents, a human driver was involved. Ergo, human drivers cause motor vehicle accidents. Therefore, we must act immediately to remove all human drivers from the equation.
Okay, I can agree with that - but frankly, there are huge amounts of this already implemented in the world - implemented in hardware, incidentally. It's orders of magnitude harder to fix (which is why firmware and embedded systems usually go through so much more testing and evaluation prior to being made available).
Every enterprise I've worked for that uses IPMI (BMC, ALOM/ILOM, etc.) has put it on their intranet, not the internet - and as often as not, an especially inaccessible corner of the intranet.
Y'know, TCP/IP is inherently insecure. In fact, there's no effective built-in security there. IPMI itself is not secure because the security should not be implemented there; any more than network security should not be implemented in TCP/IP. Since this is a server related issue, IPMI implementers and users are presumed to understand this. Workstation users need not concern themselves with this. What sane workstation user will pay the extra money to get hardware with RAC technology?
The sorting is done by an algorithm, not by a human pushing an agenda. If A-Z sorting or numerical sorting were in use it would be no different - it would still be data accumulated and sorted by a ruleset.
Besides, this makes it easier for me to find the actual data about me that I might want to take action on. Sorta like the business directory portion of the phone book (A.K.A., the "Yellow Pages"). Let me guess - names like "AAA" and "ZZZZYZYZ" should be illegal because they produce an artificially ranked listing there, right?. And listing all auto mechanics in a section of that phone book called "Automotive Repair" - well, that's wrong too, eh?
TFA says these guys suggest it may be so. I'd say that they're close to postulating a hypothesis.
The next step will be to see if there is enough evidence to support a theoretical assertion. Then, testing and experimentation can be devised to either support or disprove that theory.
They're suggesting that the Earth's mantle (silicon with an extremely high percentage of impurities present) may act like a semiconductor (silicon with tiny percentages of specific impurities present), creating a natural Zener diode, a huge but inefficient one. I'm with you - skeptical. Still, it should be possible without too great an investment in manpower or materials to support or disprove their hypothesis. Should it survive that step to become a theory, supporting or disproving it shouldn't take too much more work.
Page two of the article used the "Insecure by Design" meme. I guess the fault's with the article, not the poster.
And - yes, these kind of incidents are mistakes. I stand by my previous assertion that nobody set out to create insecure embedded systems. Poor design, incorrect design, or just plain inept management oversight has led to these kinds of mistake. Much as I'd like to blame MicroSoft for all of it, I can't. Sorry - love to, can't. I'm still certain that all of the entities involved believed they had correctly and adequately mediated the risks . . . that, or they had some PHB breathing down their necks to do as they were told. Happens all the time - ask Scott Adams.
"Poorly designed", or "incorrectly designed" - perhaps. I'm fairly sure that even the ATM designers who went with an embedded MicroSoft operating system felt that they had mediated security risks adequately to deploy their systems. Incidentally, I had a chance to peek inside a local casino's slot machines - all of them, regardless of external appearance were based on an identical piece of hardware. Watching them boot showed me a MicroSoft OS underlying those slots. Not a problem, as I'm fairly certain that none of the slot machines on the floor have any conceivable way of ever connecting directly to any network except for the dark wire casinos use for exactly this purpose.
My takeaway point is that the summary is (IMHO) slightly biased. The original article appears to be well written. Just to ask - how many embedded systems should be permitted to ever connect to the internet? ATM's, for example, should demonstrably be either confined to a darknet or (as I've seen in some places) required to use dialup access. It's not perfect, but it adds a significant obstacle for crackers to overcome. The casino I mentioned earlier seems to get this point.
I don't mind smart appliances - but again, I don't see why they need internet access. The exceptions to this (smart TV's, for example) should be viewed with suspicion specifically because they are likely to be connected to the internet in some way, but my smart refrigerator probably shouldn't be - and ATM's, slot machines, SCADA systems, etc. almost certainly should never be.
But . . . you also are clearly in need of some help. One does not preclude the other.
The problem is that knowing you to be mentally unstable at best, permitting your software to run within my network would be foolish at best, insane at worst. Witness your habit of referring to yourself in the third person. You may think that's perfectly normal, but unless you were born to the blood royal it isn't.
Really - can you possibly believe that you wouldn't be recognized? Have you not noticed that you are not taken seriously here? You're a joke around here, and a bad one at that. A perfectly good programmer incapable of producing a usable program because of concerns regarding your mental health.
This is not a difficult problem to solve. When your issues have been addressed it will become obvious to the rest of us. Until then, any competent administrator will consider your software unsafe for use and you will not be taken seriously. The only possible exception would be people who are unaware of this side of your personality, and it would almost require an act of wilful blindness on the part of a professional administrator.
I'm glad you have chosen to approach this contact more openly. I am perfectly capable of reasonably admitting my mistakes (believe me, I've made quite a few more than you'll ever know about, youngster). I submit that should be your next step as well. It may not be as satisfying as venting your frustration but I think you will find it surprisingly productive.
Guaranteed two second latency, minimum. It actually takes time to get a radio signal up there. Less for LEOS than for satellites in geosynchronous orbit, but still...
They'd better be cheaply launchable as well. LEO satellites don't live in stable orbits. They have a definite, limited lifespan before they deorbit, as Earth's atmosphere doesn't "end here" - it just gets thinner and thinner as you climb (and no - it's not an asymptotic function of altitude. There is definitely a point where Earth's atmosphere ends, but it's above the orbit of LEO satellites).
I knew some guys who had done that three times previously. The fourth time they went for it, the court noticed it and seized everything. Their company went into receivership until the court was able to sell it - patents, inventory and all. The guys pulling this scam lost (after winning huge three times in succession).
Everyone's so worried about the three-letter organizations. Guess we'd better worry about the four-letter ones (best described using four-letter words).
There's no law preventing the service of extremely hot beverages here. There is a precedent in US civil law that doing so could leave one open to lawsuit. That's just one bad example. Not all civil lawsuits in the US are that idiotic; nor are the judgements rendered.
As has been noted elsewhere, McDonald's hasn't changed the brew temperature for their coffee, although I thought I'd heard somewhere that they did drop the hold temperature for coffee down somewhat. I could be mistaken on that point, but I do know that now they label their coffee cups with a message to the effect "this cup contains hot liquid. Do you think you can avoid spilling it in your crotch? Can you? Huh?" After all, I don't think McDonalds ever said their coffee was good for bathing genitalia.
This technique isn't that far from the one pioneered by Salk nearly a century ago. Isolate and identify the pathogen, then manufacture a weakened or dead version of the pathogen to inoculate patients.
He could have indeed remained silent, even continued working for them. What difference would that have made? None. What difference did his actions make? None.
Guys like me have been yelling about Echelon, Magic Lantern and half a dozen other "conspiracy" theories for decades now. The only change Snowden's 'revelations' made was that people have stopped telling me to take off my tinfoil hat (which I did some time ago - the radio waves coming through the tinfoil made it hard to hear the voices).
Slashdot Mirror
My assertion stands. This is a preliminary hypothesis. Your assertion that mainstream science hasn't grasped it yet means that there is insufficient evidence to support it. When that evidence is available, widespread acceptance will happen. Until then, it's just a hypothesis.
Anybody see a problem with that?
When you have enough money.
In 100% of all motor vehicle accidents, a human driver was involved. Ergo, human drivers cause motor vehicle accidents. Therefore, we must act immediately to remove all human drivers from the equation.
He was just experimenting with HTML formatting. It's a wondrous new world to him!
Okay, I can agree with that - but frankly, there are huge amounts of this already implemented in the world - implemented in hardware, incidentally. It's orders of magnitude harder to fix (which is why firmware and embedded systems usually go through so much more testing and evaluation prior to being made available).
Y'know, TCP/IP is inherently insecure. In fact, there's no effective built-in security there. IPMI itself is not secure because the security should not be implemented there; any more than network security should not be implemented in TCP/IP. Since this is a server related issue, IPMI implementers and users are presumed to understand this. Workstation users need not concern themselves with this. What sane workstation user will pay the extra money to get hardware with RAC technology?
Besides, this makes it easier for me to find the actual data about me that I might want to take action on. Sorta like the business directory portion of the phone book (A.K.A., the "Yellow Pages"). Let me guess - names like "AAA" and "ZZZZYZYZ" should be illegal because they produce an artificially ranked listing there, right?. And listing all auto mechanics in a section of that phone book called "Automotive Repair" - well, that's wrong too, eh?
The next step will be to see if there is enough evidence to support a theoretical assertion. Then, testing and experimentation can be devised to either support or disprove that theory.
They're suggesting that the Earth's mantle (silicon with an extremely high percentage of impurities present) may act like a semiconductor (silicon with tiny percentages of specific impurities present), creating a natural Zener diode, a huge but inefficient one. I'm with you - skeptical. Still, it should be possible without too great an investment in manpower or materials to support or disprove their hypothesis. Should it survive that step to become a theory, supporting or disproving it shouldn't take too much more work.
That's not funny, even with a rimshot.
And - yes, these kind of incidents are mistakes. I stand by my previous assertion that nobody set out to create insecure embedded systems. Poor design, incorrect design, or just plain inept management oversight has led to these kinds of mistake. Much as I'd like to blame MicroSoft for all of it, I can't. Sorry - love to, can't. I'm still certain that all of the entities involved believed they had correctly and adequately mediated the risks . . . that, or they had some PHB breathing down their necks to do as they were told. Happens all the time - ask Scott Adams.
"Poorly designed", or "incorrectly designed" - perhaps. I'm fairly sure that even the ATM designers who went with an embedded MicroSoft operating system felt that they had mediated security risks adequately to deploy their systems. Incidentally, I had a chance to peek inside a local casino's slot machines - all of them, regardless of external appearance were based on an identical piece of hardware. Watching them boot showed me a MicroSoft OS underlying those slots. Not a problem, as I'm fairly certain that none of the slot machines on the floor have any conceivable way of ever connecting directly to any network except for the dark wire casinos use for exactly this purpose.
My takeaway point is that the summary is (IMHO) slightly biased. The original article appears to be well written. Just to ask - how many embedded systems should be permitted to ever connect to the internet? ATM's, for example, should demonstrably be either confined to a darknet or (as I've seen in some places) required to use dialup access. It's not perfect, but it adds a significant obstacle for crackers to overcome. The casino I mentioned earlier seems to get this point.
I don't mind smart appliances - but again, I don't see why they need internet access. The exceptions to this (smart TV's, for example) should be viewed with suspicion specifically because they are likely to be connected to the internet in some way, but my smart refrigerator probably shouldn't be - and ATM's, slot machines, SCADA systems, etc. almost certainly should never be.
I'm not the one referring to himself in the third person.
The problem is that knowing you to be mentally unstable at best, permitting your software to run within my network would be foolish at best, insane at worst. Witness your habit of referring to yourself in the third person. You may think that's perfectly normal, but unless you were born to the blood royal it isn't.
Really - can you possibly believe that you wouldn't be recognized? Have you not noticed that you are not taken seriously here? You're a joke around here, and a bad one at that. A perfectly good programmer incapable of producing a usable program because of concerns regarding your mental health.
This is not a difficult problem to solve. When your issues have been addressed it will become obvious to the rest of us. Until then, any competent administrator will consider your software unsafe for use and you will not be taken seriously. The only possible exception would be people who are unaware of this side of your personality, and it would almost require an act of wilful blindness on the part of a professional administrator.
I'm glad you have chosen to approach this contact more openly. I am perfectly capable of reasonably admitting my mistakes (believe me, I've made quite a few more than you'll ever know about, youngster). I submit that should be your next step as well. It may not be as satisfying as venting your frustration but I think you will find it surprisingly productive.
Guaranteed two second latency, minimum. It actually takes time to get a radio signal up there. Less for LEOS than for satellites in geosynchronous orbit, but still...
They'd better be cheaply launchable as well. LEO satellites don't live in stable orbits. They have a definite, limited lifespan before they deorbit, as Earth's atmosphere doesn't "end here" - it just gets thinner and thinner as you climb (and no - it's not an asymptotic function of altitude. There is definitely a point where Earth's atmosphere ends, but it's above the orbit of LEO satellites).
I knew some guys who had done that three times previously. The fourth time they went for it, the court noticed it and seized everything. Their company went into receivership until the court was able to sell it - patents, inventory and all. The guys pulling this scam lost (after winning huge three times in succession).
Everyone's so worried about the three-letter organizations. Guess we'd better worry about the four-letter ones (best described using four-letter words).
As has been noted elsewhere, McDonald's hasn't changed the brew temperature for their coffee, although I thought I'd heard somewhere that they did drop the hold temperature for coffee down somewhat. I could be mistaken on that point, but I do know that now they label their coffee cups with a message to the effect "this cup contains hot liquid. Do you think you can avoid spilling it in your crotch? Can you? Huh?" After all, I don't think McDonalds ever said their coffee was good for bathing genitalia.
This technique isn't that far from the one pioneered by Salk nearly a century ago. Isolate and identify the pathogen, then manufacture a weakened or dead version of the pathogen to inoculate patients.
Just thought I'd ask.
Look, I know I'm lousy at impressions but can't you tell the difference between a German and a Russian accent?
You are . You also need professional help. The two are not mutually exclusive.
Stay right where you are. Now, just a little further to the left . . .
Guys like me have been yelling about Echelon, Magic Lantern and half a dozen other "conspiracy" theories for decades now. The only change Snowden's 'revelations' made was that people have stopped telling me to take off my tinfoil hat (which I did some time ago - the radio waves coming through the tinfoil made it hard to hear the voices).