Berlusconi didn't cause me to hear anything negative about Italy, so I wonder.
really? We certainly laughed about it... Honestly, it's things like that which makes it hard to take Italy serious... It makes you question if it's even a first world nation.
....that black hosts were also less likely to accept requests from guests with African American-sounding names than with white-sounding ones.
My company recently offered debiasing training for hiring... Being an arrogant white male chauvinist pig from a country with little diversity I'll admit I was slightly skeptical. But the training was rather academic and presented some interesting perspectives:
1) it's not racism, it's largely bias (it's predominately unintentional)
2) bias is an deviation error in our decision function (we're not making optimal decisions)
3) bias is a part of our culture (it doesn't matter whether you are part of the minority that there is a negative bias towards - everybody is biased - it's in our culture)
In many ways the good news is we're not all racists, but most of us are likely biased (unintentionally). Anyways, doing something to blind ourselves from our own bias is a positive thing, as it just corrects an error in our decision logic that currently causes us to make sub-optimal decisions. Note: and correcting the error in our decision function should ideally lead to more profit, in addition to the much more important human fairness aspects.
From what understand Mozilla is working hard to make sure EME will work with firefox under linux... It'll still require binary blobs, but these can be downloaded automatically and will run completely sandboxed.
Mozilla took a lot of fire for the decision to support EME, but in reality the alternative is that DRM'ed content will only be available on Windows/OS X/IOS/Android/ChromeOS using IE/saferi/chrome.
Yes, EME is still a sad practical choice, but at least the linux desktop will continue to be a viable option. That's how I see it.
I doubt that one would be accepted... perhaps as a compromise we just have everybody walk past a bomb sniffing dog... It'll create the same illusion of security.
And if we train the bomb sniffing dogs to be sit really still, then 6 months from now we can replace them with stuffed dogs as a further cost saving measure:)
It's amazing the morons in EU\EC think they can harass US companies and not evoke a response from the US.
Oh, cry me a river... There are courts in the EU, you are more likely to see your rights honor there than in the US, a country known to deny effective council, torture people and lock up people without trial.
When you workaround taxes in both the EU and US, I for one encourage Vestager to throw the book at you. Really, when a company like Apple decides to test boundaries of the law, Apple should expect the authorities to do exactly the same.
On topic, I'm sure the US generally likes this because without this pressure the money would have stayed in tax shelters. I for one think it's okay to go after companies that are actively speculating against the state, in hope of better future tax breaks...
3. attacker VM must know the contents of the page in the victim VM
Not that hard... Often people will use a public virtual machine image for database server, proxy, load-balancer, or container host. I'm sure coreos is rarely customized, I see few reasons to do. It's often neat to attach extra disks and use cloud-init to configure VMs, rather than building custom VMs.
And even if you do build custom VMs, you're often basing it of some official VM.
My problem with unity is the papercuts... Opening dash and sometimes I can't get a terminal by typing t + enter, other times it works... Small things like that..
Oh, and animations and stuff that flickers... Even with intel graphics and latest ubuntu it still felt sketchy and crash occasionally.
Gnome shell isn't much better, but a little... as long as get nautilus as patch by ubuntu, can't live without decent type-ahead... I tried, and I'll never be able to move away...
There aren't many 30k/yr H1Bs see the distribution: https://www.graphiq.com/vlp/YQ...
And this is a strict lower bound, I make a lot more than what is reported in my LCA. Sure there is some abuse IMO 60-80k is problematic.
Most likely it seems like you just need the laws to be enforced... Like so many other broken things in America.
Most of the time you don't just store data.. Often you need to process it too, and doing so in the cloud is easy and cheap, thus you need the decrypted data in the cloud.
A smart provider however will have implemented its data management software in such a way that only his client has the key to decrypt the data it just turned over to the government. That way it cannot even be forced to decrypt it without violating the rules of mathematics and complexity theory.
The problem is that sometimes the key is temporarily present on the providers machines, either sent with API requests for server-side encryption, or present on a VM running client software in provider cloud.
And as of recent stories it seems US govt believes it can't force the cloud provider to record the key when temporarily present. To me that is the equivalent for forcing the provider to spy on your behalf because the provider isn't merely providing stuff it has on file. Curious what is your take on this?
If you need to share the key with the provider....
Yes, it's not the same a client side encryption. It's hardly an alternative, but it is most certainly a valuable addition.
It won't protect you from the NSA, etc.. But it can protect you from accidental leaks of credentials, compromised accounts, rouge under paid datacenter interns, discarded harddrives ending up who know where... Or software bugs at the provider.
It's an extra layer of attack mitigation that you should use in combination with client encryption, because client side encryption is easy to get wrong, so having an extra layer is good.
Also I'm sure this helps with compliance of regulations that might not always make sense...
I guess for most people Moore's law is going to be reformulated to fit whatever narrative you're trying to sell..
On topic, it's all about performance, exactly how it improves is perhaps less important... I suspect that future performance improvements will have to come from software though. It's easy to make CPU faster, but that doesn't help much when software jumps of out the CPU cache:)
Public IT is definitely who should not be responsible for this kind of testing
Remember the debate after heart bleed... We were all asking ourselves how come nobody invested in security auditing for openssl.
We all took this infrastructure project for given. For the public sector to invest in some open source infrastructure projects is not a bad idea.
I'm not suggesting that the public sector review everything, but for the public sector to identify and invest in a few heavily re-used open source projects is not bad idea. It's like public sector investment in roads and other infrastructure.
Google recently disclosed that their support (for security updates) on Nexus devices was 18 months from sale (or 3 years from release). So given that Mint is a free I would argue that 5 years is rather good:)
IAM as not perfect... you can easily do subset testing to see if one policy is larger than an other policy... This is a major flaw in their design... Less power would have been easier to manage and more secure by implication.
there's 3 years of development time between now and 2019, and with Microsoft's deep pockets
Microsoft is stupid... Sad but true. They are not developing consistent services. Throw whatever money you want after it, if you have no single user manage, authentication and authorization system covering all APIs you loose. If you have different arbitrary restrictions on what ASCII chars is allowed when naming resources for different services (just in azure storage service, not counting everything else), it's going to fail...
AWS is not perfect, but it is fairly consistently designed... As in IAM users and policies for all access control (with exception of S3 which has some legacy options too)...
It's pretty clear that azure services are being developed by different teams who don't talk to each other.
I also have a few with Amazon too. No trouble there either. How is Azure sketchy?
An azure storage accounts have a single secret key shared between all users... If you have two servers/apps/persons using the same storage account they MUST share the same secret key. You can issue temporary keys, but you have to build an manage an authorization system that issues such keys. The user management in azure does not extend to cover storage accounts other than all or nothing, and all users share the same secret key. This is insane! Unthinkable in any non-trivial deployment.
Having used both Azure and AWS, I can honestly say that AWS is light years ahead of Azure...
Azure storage services has got some awesome consistency guarantees.. But it won't scale like S3, not in terms of requests, throughput or features.
Microsoft has an abyssal story for authorization and access policies... There is nothing like IAM that crosses all services, some services have policies, other services you get shared secrets (to be shared between all users)..
Honestly, they can't even figure out to make a consistent naming policy between different storage services... Figuring out what characters is allowed in names of fields, resources, urls, etc. is a nightmare... Even with azure storage services (queue, table and blob) they have vastly different restrictions... It's a joke.
The only thing interesting with Azure is their table storage service, price and simplicity wise it's a joy. But given how bad everything else, I'm tempted to move my stuff to AWS and pay a bit more for dynamodb...
Slashdot Mirror
Berlusconi didn't cause me to hear anything negative about Italy, so I wonder.
really? We certainly laughed about it... Honestly, it's things like that which makes it hard to take Italy serious... It makes you question if it's even a first world nation.
"tremendous damage"
Well, what did you expect from a trumpism :)
It sounds like something he would write on twitter...
1. Russia needs to pay for Snowden's food and lodging.
[citation needed], Russia doesn't pay him anything. They merely allow him to live in Russia.
EU is older than 2001... so you need explain.
My company recently offered debiasing training for hiring... Being an arrogant white male chauvinist pig from a country with little diversity I'll admit I was slightly skeptical. But the training was rather academic and presented some interesting perspectives:
1) it's not racism, it's largely bias (it's predominately unintentional)
2) bias is an deviation error in our decision function (we're not making optimal decisions)
3) bias is a part of our culture (it doesn't matter whether you are part of the minority that there is a negative bias towards - everybody is biased - it's in our culture)
In many ways the good news is we're not all racists, but most of us are likely biased (unintentionally). Anyways, doing something to blind ourselves from our own bias is a positive thing, as it just corrects an error in our decision logic that currently causes us to make sub-optimal decisions. Note: and correcting the error in our decision function should ideally lead to more profit, in addition to the much more important human fairness aspects.
So you don't use spotify or any other music streaming service... Or google play? or other online streaming services.
From what understand Mozilla is working hard to make sure EME will work with firefox under linux... It'll still require binary blobs, but these can be downloaded automatically and will run completely sandboxed.
Mozilla took a lot of fire for the decision to support EME, but in reality the alternative is that DRM'ed content will only be available on Windows/OS X/IOS/Android/ChromeOS using IE/saferi/chrome.
Yes, EME is still a sad practical choice, but at least the linux desktop will continue to be a viable option. That's how I see it.
To speed up the lines, get rid of the TSA
I doubt that one would be accepted... perhaps as a compromise we just have everybody walk past a bomb sniffing dog... It'll create the same illusion of security. :)
And if we train the bomb sniffing dogs to be sit really still, then 6 months from now we can replace them with stuffed dogs as a further cost saving measure
It's amazing the morons in EU\EC think they can harass US companies and not evoke a response from the US.
Oh, cry me a river... There are courts in the EU, you are more likely to see your rights honor there than in the US, a country known to deny effective council, torture people and lock up people without trial.
When you workaround taxes in both the EU and US, I for one encourage Vestager to throw the book at you. Really, when a company like Apple decides to test boundaries of the law, Apple should expect the authorities to do exactly the same.
On topic, I'm sure the US generally likes this because without this pressure the money would have stayed in tax shelters. I for one think it's okay to go after companies that are actively speculating against the state, in hope of better future tax breaks...
For the record doesn't look like EC2 has memory deduplication turned on: https://forums.aws.amazon.com/...
3. attacker VM must know the contents of the page in the victim VM
Not that hard... Often people will use a public virtual machine image for database server, proxy, load-balancer, or container host. I'm sure coreos is rarely customized, I see few reasons to do. It's often neat to attach extra disks and use cloud-init to configure VMs, rather than building custom VMs.
And even if you do build custom VMs, you're often basing it of some official VM.
My problem with unity is the papercuts... Opening dash and sometimes I can't get a terminal by typing t + enter, other times it works... Small things like that.. Oh, and animations and stuff that flickers... Even with intel graphics and latest ubuntu it still felt sketchy and crash occasionally.
Gnome shell isn't much better, but a little... as long as get nautilus as patch by ubuntu, can't live without decent type-ahead... I tried, and I'll never be able to move away...
There aren't many 30k/yr H1Bs see the distribution: https://www.graphiq.com/vlp/YQ...
And this is a strict lower bound, I make a lot more than what is reported in my LCA. Sure there is some abuse IMO 60-80k is problematic.
Most likely it seems like you just need the laws to be enforced... Like so many other broken things in America.
Most of the time you don't just store data.. Often you need to process it too, and doing so in the cloud is easy and cheap, thus you need the decrypted data in the cloud.
A smart provider however will have implemented its data management software in such a way that only his client has the key to decrypt the data it just turned over to the government. That way it cannot even be forced to decrypt it without violating the rules of mathematics and complexity theory.
The problem is that sometimes the key is temporarily present on the providers machines, either sent with API requests for server-side encryption, or present on a VM running client software in provider cloud.
And as of recent stories it seems US govt believes it can't force the cloud provider to record the key when temporarily present. To me that is the equivalent for forcing the provider to spy on your behalf because the provider isn't merely providing stuff it has on file. Curious what is your take on this?
If you need to share the key with the provider....
Yes, it's not the same a client side encryption. It's hardly an alternative, but it is most certainly a valuable addition.
It won't protect you from the NSA, etc.. But it can protect you from accidental leaks of credentials, compromised accounts, rouge under paid datacenter interns, discarded harddrives ending up who know where... Or software bugs at the provider.
It's an extra layer of attack mitigation that you should use in combination with client encryption, because client side encryption is easy to get wrong, so having an extra layer is good.
Also I'm sure this helps with compliance of regulations that might not always make sense...
I guess for most people Moore's law is going to be reformulated to fit whatever narrative you're trying to sell..
:)
On topic, it's all about performance, exactly how it improves is perhaps less important... I suspect that future performance improvements will have to come from software though. It's easy to make CPU faster, but that doesn't help much when software jumps of out the CPU cache
Public IT is definitely who should not be responsible for this kind of testing
Remember the debate after heart bleed... We were all asking ourselves how come nobody invested in security auditing for openssl.
We all took this infrastructure project for given. For the public sector to invest in some open source infrastructure projects is not a bad idea.
I'm not suggesting that the public sector review everything, but for the public sector to identify and invest in a few heavily re-used open source projects is not bad idea. It's like public sector investment in roads and other infrastructure.
there are armed police at all UK commercial airports now, have been since 9/11.
But officers in the UK are better trained and less trigger happy.
Google recently disclosed that their support (for security updates) on Nexus devices was 18 months from sale (or 3 years from release). So given that Mint is a free I would argue that 5 years is rather good :)
IAM as not perfect... you can easily do subset testing to see if one policy is larger than an other policy... This is a major flaw in their design... Less power would have been easier to manage and more secure by implication.
there's 3 years of development time between now and 2019, and with Microsoft's deep pockets
Microsoft is stupid... Sad but true. They are not developing consistent services. Throw whatever money you want after it, if you have no single user manage, authentication and authorization system covering all APIs you loose. If you have different arbitrary restrictions on what ASCII chars is allowed when naming resources for different services (just in azure storage service, not counting everything else), it's going to fail...
AWS is not perfect, but it is fairly consistently designed... As in IAM users and policies for all access control (with exception of S3 which has some legacy options too)...
It's pretty clear that azure services are being developed by different teams who don't talk to each other.
I also have a few with Amazon too. No trouble there either. How is Azure sketchy?
An azure storage accounts have a single secret key shared between all users... If you have two servers/apps/persons using the same storage account they MUST share the same secret key. You can issue temporary keys, but you have to build an manage an authorization system that issues such keys. The user management in azure does not extend to cover storage accounts other than all or nothing, and all users share the same secret key. This is insane! Unthinkable in any non-trivial deployment.
Off topic: I feel all nostalgic bashing microsoft on slashdot again...
:) hehe
Haven't had any opportunity to so past couple of years..
Having used both Azure and AWS, I can honestly say that AWS is light years ahead of Azure...
Azure storage services has got some awesome consistency guarantees.. But it won't scale like S3, not in terms of requests, throughput or features.
Microsoft has an abyssal story for authorization and access policies... There is nothing like IAM that crosses all services, some services have policies, other services you get shared secrets (to be shared between all users)..
Honestly, they can't even figure out to make a consistent naming policy between different storage services... Figuring out what characters is allowed in names of fields, resources, urls, etc. is a nightmare... Even with azure storage services (queue, table and blob) they have vastly different restrictions... It's a joke.
The only thing interesting with Azure is their table storage service, price and simplicity wise it's a joy. But given how bad everything else, I'm tempted to move my stuff to AWS and pay a bit more for dynamodb...