Reading further in comments, I saw this comment from Krebs (emphasis mine):
Actually, the intel I’m gathering suggests it’s not routers at issue, but mostly DVRs and some IP cameras.
So, sounds like the Internet of Things is already biting us fairly hard these days. OS makers for computers and phones have made those platforms much harder to compromise than they used to be, and regularly patch known vulnerabilities. But I fear IoT manufacturers are going to make all the same, old mistakes that PCs went though over the past decade or so, instead of gleaming the hard-won knowledge of best security practices.
Many readers have been asking whether this attack was in retaliation for my recent series on the takedown of the DDoS-for-hire service vDOS, which coincided with the arrests of two young men named in my original report as founders of the service.
How about the folks who provide DDOS for hire? For them it costs nothing (if they're just using spare capacity), since they own the botnets. And at the same time, they're sort of advertising their wares at the same time.
This sort of thing is just going to get worse when crappy / non-existant IoT security devices exposed themselves to the web via large-capacity fiber and cable connections. It's already bad enough with compromised routers and computers. Most people won't get protected. They'll just get knocked off the web at will by people like this.
Lol, I knew I was going to get comments like that. Christ, it was just an example. Assume this is simple integer arithmetic in a well-defined range, ok? And I'm still trying to figure out what sort of C compiler that doesn't understand C++ comments would generate runtime code that crashes instead.
Honestly, there are seriously whacked PCs in the world (especially badly overclocked gaming PCs) that try to argue that 1 + 1 == 3.
Or perhaps something like a design flaw in memory that's provable and repeatable, and has even been used for conceptual security attacks.
Still, when you start looking at crash reports from millions of customers (I used to work on a fairly well-known MMO), you see stuff that simply shouldn't be possible, and you start wondering about things like cosmic radiation. We had to filter out what we figured were hardware-based errors due to overclocked CPUs, bad RAM, etc, or else you get flooded with impossible crash stacks.
I'd bet it's about as much an exaggeration as people claiming that C++'s operator overloading hides all sorts of crazy logic and performance pitfalls. I've been programming in C++ for decades on million-line projects, and not once have I seen anything like that.
I've actually been programming in Python the past few months. Because the indentation require aligns with what you naturally do as a programmer, it hasn't seemed all that problematic to me.
C++ has a ton of really nasty, subtle pitfalls that you just have to learn to avoid through rigorous self-discipline: Don't forget to initialize your variables. Don't forget your virtual destructor. Don't return and use the address of a temporary variable. Don't screw up your copy and move constructors. Etc, etc. Seen all of these cause issues that were tricky to track down in real life.
I dunno, in practice C++ still seems a hell of a lot trickier to use than Python, so I have a hard time getting worked up about indentation when I'm using to working in a language with beartraps and landmines liberally sprinkled throughout it. Maybe I'll have a different opinion if I work on it longer.
You can still buy quality lawnmowers. Just buy a good brand, like a Honda, and then properly maintain it. There's a reason some mowers cost $150 and some cost $800.
It's not just intentional sabatoge that can cause a lack of support. Newly release chipsets or other hardware often doesn't have initial Linux support. Sometimes it takes time for that to get incorporated into the kernel and make it's way up the pipeline. Moreover, each distro tends to incorporate new kernel changes at different paces, and it makes it hard to predict how soon support will arrive for new hardware.
I'm not sure if this is the case here. The story makes it sound like it was deliberate, which wouldn't be too surprising I guess, but it's hard to say.
If your best idea of a hero is someone who runs away and leaves his mother and sister behind to pay for his defection, just to sit in comfort somewhere and spin stories for US politicians to exploit... then congrats. You truly are a notable person, no kidding...
Choose your propaganda carefully, my friend. You're implying that the N Korean authorities will make family members pay for the crime of escaping from that worker's paradise. That also implies those people were correct to try to escape, and aren't just making up stories, doesn't it? See what happens when you lie in both directions? You end up contradicting yourself in the same post.
He may be overly ambitious here (and I suspect he is), but whatever his failings, he isn't an idiot.
I think he's more of an idiot savant - gifted in some ways, a little wacky in others. Like that whole "pretty sure the universe is a computer simulation" thing. He has lots of money, some good ideas, and a knack for hiring smart people. Keep in mind that *they're* really the ones who build the rockets and cars.
Just FYI, despite what it says in the summary, NetBeans is an IDE with lots of plugins and language support, and works just fine for C++ development as well as Java. I'm using it for the Linux port of my game, written entirely in C++.
Terrorism? We heard immediately after the incident that it wasn't terrorism, and every AP story thereafter seems to be reinforcing that angle.
Besides, Uber would probably only have to hire just a few extra people to monitor the news worldwide and enter a command to temporarily prevent rating spikes in emergency situations in a localized area. No need to figure out some complicated automated algorithm to do this.
How do you think two arbitrary mobile machines connect to each other on the internet (not just locally)? To connect two machines via the internet, you need to have known IP addresses to talk to, and these phones and devices can't act as internet servers, for a variety of technical reasons, listening for these connections. Anytime you communicate with anyone else in an apparent "peer to peer" fashion using smartphone apps, some central authority is needed to at least make the initial connection.
The problem is that these companies often can't resist collecting all sorts of personal information, and don't know how to properly secure the data and communications channel (security is hard), and so it ultimately ends up as a privacy nightmare. IoT is a security disaster, but the public still hasn't caught on. There are going to be many cases such as this one over the next few years.
I'm not a database guy either, but if I had to take a guess, I'd say "scale". It's pretty simple to set up small, open-source databases for small websites, or medium databases that only have to scale up to a large corporation using powerful hardware. I'd imagine it's somewhat more difficult to scale operations up to the point an entire state, with potentially millions of total and thousands of concurrent visitors.
We're tech-savvy people, so we know what Oracle is like. But Oracle pays a lot of salespeople with slick promotional material that probably sounded good to the politicians. I'm sure the open-source options weren't nearly as sexy.
Or, people would like to be able to own homes in areas unblighted by rooftop antenna towers.
Do you seriously think this will lead to your neighbors putting up something like this rather than this?
What about a modest radio antenna makes it a "blight" in your neighborhood? Besides which, as soon as there's some sort of disaster or emergency, your neighbor in that "blighted" house is going to become your new best buddy. That's the entire point of this: having some ham operators in your area is a good thing for safety reasons.
When you find yourself continually "reinventing the wheel", as a programmer, you should start figuring out how to create a wheel factory. But that doesn't put you out of work, as you still need to work on the wheel factory, if not the individual wheels. It just means you can create a lot more wheels with a whole lot less effort. The programmers still will have plenty of work - they just work on higher-level abstractions, and are more productive. True, there may be adjustments in employment numbers, but keep in mind that this may be offset by increased demand from a larger world-wide userbase, as more and more people are reaping the benefits of technology.
Besides, people have been promising programmer-free application construction for decades, and we're STILL relying on good ole third-generation languages for a large part of our infrastructure. The future, as it turns out, wasn't fancy fourth and fifth generation languages, but moderate language improvement and more frameworks or libraries to handle the common grunt-work. I don't think we're in imminent danger of losing all our programming jobs to AI-driven systems. It makes for a nice boogeyman, but low-cost outsourced labor is probably much more of an actual threat for most of us over the next few decades.
I saw some Democrats supporting this bill. Therefore, as a Republican, I'm going to have to oppose this bill on principle.
No, I'm kidding, of course. I'm not a ham radio operator myself, but it seems like this is some common-sense legislation. Homeowner's associations can be remarkably priggish at times. I think some people just enjoy lording nitpicky rules over others, and that's the only mechanism they have, other than making family members miserable.
Cats tend to bury their feces. DOGS shit anywhere. But *neither* of those animals are likely to infest your house, chew through your walls, eat your food, and shit in your pantry. That's why rats are a unique problem - they tend to infest human habitations a bit more voraciously than other animals.
I use an HTC One, not an iPhone. I just think the hunt for complaints has gotten absurd. And besides, "courage" was the most ridiculous thing I've heard in a while, so I'm not sure the magic iField is properly affecting me.
Gosh, whatever will we do? Oh, wait. Problem solved. Funny enough, some first-world problems have a first world solution as well.
Can we go back to bitching about the loss of the headphone jack, or is that already passé? I think we're just trying to find things to complain about at this point.
Me and my brother's solution to that (neither of us have cable) is to drive over to my parent's house on Sunday to watch football. My folks still like their cable shows, so they stay subscribed, and it gives the family a nice excuse to spend the day together, yelling at the TV (nothing like a nail-biting come-from-behind win to get the blood pumping) and sharing a meal together afterwards.
A quick question: Can set your alarm clock to wake you up at one time on weekdays, and a different time on weekends? How about a one-time alarm when you need to get up at a different time that particular morning? If so, is it easy enough that your non-technically-minded spouse could do it?
It's trivial with my smartphone, because it's got a stupidly expensive touch-screen interface that enables an intuitive interface that a dedicated alarm clock could never afford at it's $10-30 price point. Those clocks have to make due with a few LCD lights and a couple of hardware buttons to do the job. Every time I sleep in a hotel and try to set their alarm clock (after which I give up and ask the desk for a wake-up call), I'm reminded again at how awful most dedicated, low-cost electronics interfaces are.
During World War 2 when the Dutch were near starvation late in the Nazi occupation, my grandmother - a young woman at the time, obviously - heard her baby sister suddenly start screaming from her crib in the next room. She rushed in to discover a rat chewing on the baby's chest.
They're nasty, disease-carrying vermin, and anyone who feels sorry for them (or, idiotically, asks how they're worse than cats, deer, or wild horses) simply hasn't had a close encounter with them. I specifically keep cats around as nature's own anti-vermin patrol. My cats are well worth their value in purchased cat food and vet visits just for that function alone, and as a bonus, every once in a while they deign to permit me to pet them for a while.
The difference is that, these days, the entire world can search for a person and find those embarrassing pictures at will. In the pre-internet days, that embarrassment was limited to the number of people whom the parents could physically shove those pictures in front of, assuming they didn't rent a billboard or something absurd like that. Instant global availability does changes things a bit, you have to admit. What happens if those pictures are the first thing that shows up when someone performs an online search using her name? Maybe that's not the first pictures she'd prefer to have someone find of her.
Worth suing your parents over? Obviously, this family had other issues. Reasonably people would have agreed to take down the photos after realizing it was making the child uncomfortable.
Slashdot Mirror
Reading further in comments, I saw this comment from Krebs (emphasis mine):
Actually, the intel I’m gathering suggests it’s not routers at issue, but mostly DVRs and some IP cameras.
So, sounds like the Internet of Things is already biting us fairly hard these days. OS makers for computers and phones have made those platforms much harder to compromise than they used to be, and regularly patch known vulnerabilities. But I fear IoT manufacturers are going to make all the same, old mistakes that PCs went though over the past decade or so, instead of gleaming the hard-won knowledge of best security practices.
From Kreb's site:
Many readers have been asking whether this attack was in retaliation for my recent series on the takedown of the DDoS-for-hire service vDOS, which coincided with the arrests of two young men named in my original report as founders of the service.
How about the folks who provide DDOS for hire? For them it costs nothing (if they're just using spare capacity), since they own the botnets. And at the same time, they're sort of advertising their wares at the same time.
This sort of thing is just going to get worse when crappy / non-existant IoT security devices exposed themselves to the web via large-capacity fiber and cable connections. It's already bad enough with compromised routers and computers. Most people won't get protected. They'll just get knocked off the web at will by people like this.
but Python having significant whitespace has caused endless complaints
Can't argue with you there... It's definitely a polarizing feature.
Lol, I knew I was going to get comments like that. Christ, it was just an example. Assume this is simple integer arithmetic in a well-defined range, ok? And I'm still trying to figure out what sort of C compiler that doesn't understand C++ comments would generate runtime code that crashes instead.
Honestly, there are seriously whacked PCs in the world (especially badly overclocked gaming PCs) that try to argue that 1 + 1 == 3.
Or perhaps something like a design flaw in memory that's provable and repeatable, and has even been used for conceptual security attacks.
Still, when you start looking at crash reports from millions of customers (I used to work on a fairly well-known MMO), you see stuff that simply shouldn't be possible, and you start wondering about things like cosmic radiation. We had to filter out what we figured were hardware-based errors due to overclocked CPUs, bad RAM, etc, or else you get flooded with impossible crash stacks.
x = 3 * y; // Crash here! WTF?
I'd bet it's about as much an exaggeration as people claiming that C++'s operator overloading hides all sorts of crazy logic and performance pitfalls. I've been programming in C++ for decades on million-line projects, and not once have I seen anything like that.
I've actually been programming in Python the past few months. Because the indentation require aligns with what you naturally do as a programmer, it hasn't seemed all that problematic to me.
C++ has a ton of really nasty, subtle pitfalls that you just have to learn to avoid through rigorous self-discipline: Don't forget to initialize your variables. Don't forget your virtual destructor. Don't return and use the address of a temporary variable. Don't screw up your copy and move constructors. Etc, etc. Seen all of these cause issues that were tricky to track down in real life.
I dunno, in practice C++ still seems a hell of a lot trickier to use than Python, so I have a hard time getting worked up about indentation when I'm using to working in a language with beartraps and landmines liberally sprinkled throughout it. Maybe I'll have a different opinion if I work on it longer.
You can still buy quality lawnmowers. Just buy a good brand, like a Honda, and then properly maintain it. There's a reason some mowers cost $150 and some cost $800.
It's not just intentional sabatoge that can cause a lack of support. Newly release chipsets or other hardware often doesn't have initial Linux support. Sometimes it takes time for that to get incorporated into the kernel and make it's way up the pipeline. Moreover, each distro tends to incorporate new kernel changes at different paces, and it makes it hard to predict how soon support will arrive for new hardware.
I'm not sure if this is the case here. The story makes it sound like it was deliberate, which wouldn't be too surprising I guess, but it's hard to say.
If your best idea of a hero is someone who runs away and leaves his mother and sister behind to pay for his defection, just to sit in comfort somewhere and spin stories for US politicians to exploit... then congrats. You truly are a notable person, no kidding...
Choose your propaganda carefully, my friend. You're implying that the N Korean authorities will make family members pay for the crime of escaping from that worker's paradise. That also implies those people were correct to try to escape, and aren't just making up stories, doesn't it? See what happens when you lie in both directions? You end up contradicting yourself in the same post.
We already have robots designed "solely or primarily to kill or harm humans". They're called "cruise missiles".
He may be overly ambitious here (and I suspect he is), but whatever his failings, he isn't an idiot.
I think he's more of an idiot savant - gifted in some ways, a little wacky in others. Like that whole "pretty sure the universe is a computer simulation" thing. He has lots of money, some good ideas, and a knack for hiring smart people. Keep in mind that *they're* really the ones who build the rockets and cars.
Just FYI, despite what it says in the summary, NetBeans is an IDE with lots of plugins and language support, and works just fine for C++ development as well as Java. I'm using it for the Linux port of my game, written entirely in C++.
Terrorism? We heard immediately after the incident that it wasn't terrorism, and every AP story thereafter seems to be reinforcing that angle.
Besides, Uber would probably only have to hire just a few extra people to monitor the news worldwide and enter a command to temporarily prevent rating spikes in emergency situations in a localized area. No need to figure out some complicated automated algorithm to do this.
How do you think two arbitrary mobile machines connect to each other on the internet (not just locally)? To connect two machines via the internet, you need to have known IP addresses to talk to, and these phones and devices can't act as internet servers, for a variety of technical reasons, listening for these connections. Anytime you communicate with anyone else in an apparent "peer to peer" fashion using smartphone apps, some central authority is needed to at least make the initial connection.
The problem is that these companies often can't resist collecting all sorts of personal information, and don't know how to properly secure the data and communications channel (security is hard), and so it ultimately ends up as a privacy nightmare. IoT is a security disaster, but the public still hasn't caught on. There are going to be many cases such as this one over the next few years.
I'm not a database guy either, but if I had to take a guess, I'd say "scale". It's pretty simple to set up small, open-source databases for small websites, or medium databases that only have to scale up to a large corporation using powerful hardware. I'd imagine it's somewhat more difficult to scale operations up to the point an entire state, with potentially millions of total and thousands of concurrent visitors.
We're tech-savvy people, so we know what Oracle is like. But Oracle pays a lot of salespeople with slick promotional material that probably sounded good to the politicians. I'm sure the open-source options weren't nearly as sexy.
Or, people would like to be able to own homes in areas unblighted by rooftop antenna towers.
Do you seriously think this will lead to your neighbors putting up something like this rather than this?
What about a modest radio antenna makes it a "blight" in your neighborhood? Besides which, as soon as there's some sort of disaster or emergency, your neighbor in that "blighted" house is going to become your new best buddy. That's the entire point of this: having some ham operators in your area is a good thing for safety reasons.
When you find yourself continually "reinventing the wheel", as a programmer, you should start figuring out how to create a wheel factory. But that doesn't put you out of work, as you still need to work on the wheel factory, if not the individual wheels. It just means you can create a lot more wheels with a whole lot less effort. The programmers still will have plenty of work - they just work on higher-level abstractions, and are more productive. True, there may be adjustments in employment numbers, but keep in mind that this may be offset by increased demand from a larger world-wide userbase, as more and more people are reaping the benefits of technology.
Besides, people have been promising programmer-free application construction for decades, and we're STILL relying on good ole third-generation languages for a large part of our infrastructure. The future, as it turns out, wasn't fancy fourth and fifth generation languages, but moderate language improvement and more frameworks or libraries to handle the common grunt-work. I don't think we're in imminent danger of losing all our programming jobs to AI-driven systems. It makes for a nice boogeyman, but low-cost outsourced labor is probably much more of an actual threat for most of us over the next few decades.
I saw some Democrats supporting this bill. Therefore, as a Republican, I'm going to have to oppose this bill on principle.
No, I'm kidding, of course. I'm not a ham radio operator myself, but it seems like this is some common-sense legislation. Homeowner's associations can be remarkably priggish at times. I think some people just enjoy lording nitpicky rules over others, and that's the only mechanism they have, other than making family members miserable.
Wild dogs and cats shit everywhere
Cats tend to bury their feces. DOGS shit anywhere. But *neither* of those animals are likely to infest your house, chew through your walls, eat your food, and shit in your pantry. That's why rats are a unique problem - they tend to infest human habitations a bit more voraciously than other animals.
I use an HTC One, not an iPhone. I just think the hunt for complaints has gotten absurd. And besides, "courage" was the most ridiculous thing I've heard in a while, so I'm not sure the magic iField is properly affecting me.
Gosh, whatever will we do? Oh, wait. Problem solved. Funny enough, some first-world problems have a first world solution as well.
Can we go back to bitching about the loss of the headphone jack, or is that already passé? I think we're just trying to find things to complain about at this point.
Me and my brother's solution to that (neither of us have cable) is to drive over to my parent's house on Sunday to watch football. My folks still like their cable shows, so they stay subscribed, and it gives the family a nice excuse to spend the day together, yelling at the TV (nothing like a nail-biting come-from-behind win to get the blood pumping) and sharing a meal together afterwards.
A quick question: Can set your alarm clock to wake you up at one time on weekdays, and a different time on weekends? How about a one-time alarm when you need to get up at a different time that particular morning? If so, is it easy enough that your non-technically-minded spouse could do it?
It's trivial with my smartphone, because it's got a stupidly expensive touch-screen interface that enables an intuitive interface that a dedicated alarm clock could never afford at it's $10-30 price point. Those clocks have to make due with a few LCD lights and a couple of hardware buttons to do the job. Every time I sleep in a hotel and try to set their alarm clock (after which I give up and ask the desk for a wake-up call), I'm reminded again at how awful most dedicated, low-cost electronics interfaces are.
During World War 2 when the Dutch were near starvation late in the Nazi occupation, my grandmother - a young woman at the time, obviously - heard her baby sister suddenly start screaming from her crib in the next room. She rushed in to discover a rat chewing on the baby's chest.
They're nasty, disease-carrying vermin, and anyone who feels sorry for them (or, idiotically, asks how they're worse than cats, deer, or wild horses) simply hasn't had a close encounter with them. I specifically keep cats around as nature's own anti-vermin patrol. My cats are well worth their value in purchased cat food and vet visits just for that function alone, and as a bonus, every once in a while they deign to permit me to pet them for a while.
The difference is that, these days, the entire world can search for a person and find those embarrassing pictures at will. In the pre-internet days, that embarrassment was limited to the number of people whom the parents could physically shove those pictures in front of, assuming they didn't rent a billboard or something absurd like that. Instant global availability does changes things a bit, you have to admit. What happens if those pictures are the first thing that shows up when someone performs an online search using her name? Maybe that's not the first pictures she'd prefer to have someone find of her.
Worth suing your parents over? Obviously, this family had other issues. Reasonably people would have agreed to take down the photos after realizing it was making the child uncomfortable.