Can you say in a serious face that the NSA HAS 0 exploitable bugs on Linux?
A) FTFY B) Why bring up Linux? I'm just talking about the flaws that Microsoft owned code has.
The echo chamber of anti MS hate is strong here as always but put the crackpipe down.
The only thing I've done is lay blame where blame should be laid. When a severe bug for operating system XYZ is exposed then you blame the people who developed it, not the people who exploited it. This is true for all operating systems.
The top of the line MPC57xx [nxp.com] is only ranges from 32 MHz to over 300 MHz.
Thus confirming what I wrote.
All of which are much more reliable than the 68ks.
68k was just an example. My point was just that they are of a significantly higher complexity.
For OS' it's running a RTOS of some sort, not a 'full blown OS'
I classify an RTOS as being a full-blown OS. Process switching makes it a full OS.
Theres' no opensource compiler for the chips. There's no opensource RTOS for the chips. [...] a fully opensource everything for 2017 vehicles isn't going to happen.
My point was that it should be a mandated requirement for vehicles. It's called regulation and thanks for making my point about how closed the systems are.
You forget that they need to meet automotive requirements. This requires a very wide operating temperature range as well as a coprocessor doing the computing exactly the same thing and checking if the results match. If that weren't the case then we would have approximately the same chips in our cars as we have in our smartphones.
Solutions like this are classic examples of tech-rich people thinking they have all the answers when there's a whole bank of qualified specialist people already working in that field who know what's really needed to fix the problem but have only been stymied by politics.
You might be completely right about this but I suspect the traffic tunnels is the excuse he's giving to develop his own machinery. I think the primary interest here is actually to develop the machinery that would be needed to mine for minerals on Mars.
Alternatively, he may be secretly planning to create a bunch of tunnels to connect the continents and then make a rail line that can transport goods faster and cheaper between the east and the west faster than huge boats could ever hope to travel. Something like this would take at least a decade and giving a non-threatening "traffic tunnels" excuse prevents the existing transport industry from putting up their guard and blocking his progress with paid off politicians.
When you create an exploit, you create a weapon but when you submit a fix, you make that weapon ineffective. So now instead of having the world's best armor, we have an absurd cache of weapons and those weapons have been stolen. The moral isn't to protect your weapons better, it's that you should be making better armor.
If we've learned anything from the number of defects that are discovered in ECUs it's that they exist and people die because of them. Cars are becoming increasingly computerized which is disturbing because they are incorporating non-vital features into ECUs which are black boxes that we are just expected to trust behave properly. What we need is standardized and open source ECUs that handle all the basic systems needed for the car to function. Car companies can keep their fancy features in a secondary module but that car should be able to function and meet emission standards without it. This way, there will never be another Volkswagen type incident where they cheat the system and no more of these type sensor incidents.
Modern ECUs are not based around your old rock solid M68000 chips at 20MHz and 64KB of software, they usually run at a minimum of 200MHz with a few megabytes for software because they run full-blown operating systems.
How many people need to die easily preventable deaths before we learn?
What they should really be banning is platform exclusive titles. Meaning, if your movie title is exclusively release on platform XYZ then it's disqualified. It's an effort made in vain but if you're going to do it, do it for a good reason.
The real reason Itanium failed isn't because it was inferior but rather because they failed to proliferate support for it in compilers while maintaining a higher price point. If they ensure before it's release that it were well supported by all the major compilers (instead of exclusively with Intel compilers upon release) and had a similar price to x86 chips then they could have had a real chance. Instead, they relied on their market position and expected people would catch up to them in time.
This conquer-by-market-share approach might of worked if AMD hadn't come out with AMD64 extensions we now call x86_64 that was significantly simpler (thus easier to adapt existing compilers) and less expensive than Itanium.
The poor software support and high architectural complexity mirrors the exact conditions that lead the original Sony Playstation to dominate the Sega Saturn several years earlier.
Cloudflare is a multi-million dollar company and they are only willing to pay $50K for someone to make all their problems go away? Pff! Come back when you are serious.
The Internet of Shit is both an immediate and persistent threat because not only do these devices exist, more are being connected daily. The problem is that the companies are not getting the negative financial feedback (punishment) that they need to correct their behavior.
IoT vendors will only secure their devices after it starts costing them money or are legally required to do so.
The best option is to hijack the IoT devices to DDoS their makers because it creates a direct feedback loop. The more insecure devices they sell, the more it will cost them to host their company's website(s). For extra points, only target their parent company.;)
Considering he was able to use the data he took to launch a business of his own, $319K is a bargain. I mean, that's a cost of doing business expense if that's all he has to pay.
I confess to using Gmail (for convenience) and purchase the occasional item from Amazon but that's it but I don't even interact with the rest. If they all vanished, I would be just fine. Does this mean I'm not participating in the modern world?
Yes, investigating is nice. People should wait until it's completed if they want to be taken seriously with their accusations.
If there was no opposition to investigating then there would be no problem and this would fade away quickly as the truth is revealed. Unfortunately, there has been great resistance to investigating and this abrupt dismissal which only fuels suspicion. The greater the resistance the longer the investigation will take and the more you will hear about it. The more people involved in investigating that are abruptly fired, the more you will hear about it.
I just figured it out why the Pope has been so progressive: it's all been a lure for this moment! You see, when they arrive in the Vatican, the world's most prominent cosmologists will be put on trial for heresy. It's too bad this warning won't reach them in time because nobody expects the Spanish Inquisition!;)
Slashdot Mirror
A new version of WannaCry ransomware is on the loose!
This is a game of cat and mouse, so don't assume you have won.
The usual answer is more weapons.
Software security isn't your usual war so the usual answers do not apply.
I guess you missed the ";)" emoticon at the end of my incredibly sarcastic comment that indicates it shouldn't be taken seriously. That's on you.
Can you say in a serious face that the NSA HAS 0 exploitable bugs on Linux?
A) FTFY
B) Why bring up Linux? I'm just talking about the flaws that Microsoft owned code has.
The echo chamber of anti MS hate is strong here as always but put the crackpipe down.
The only thing I've done is lay blame where blame should be laid. When a severe bug for operating system XYZ is exposed then you blame the people who developed it, not the people who exploited it. This is true for all operating systems.
The top of the line MPC57xx [nxp.com] is only ranges from 32 MHz to over 300 MHz.
Thus confirming what I wrote.
All of which are much more reliable than the 68ks.
68k was just an example. My point was just that they are of a significantly higher complexity.
For OS' it's running a RTOS of some sort, not a 'full blown OS'
I classify an RTOS as being a full-blown OS. Process switching makes it a full OS.
Theres' no opensource compiler for the chips.
There's no opensource RTOS for the chips.
[...] a fully opensource everything for 2017 vehicles isn't going to happen.
My point was that it should be a mandated requirement for vehicles. It's called regulation and thanks for making my point about how closed the systems are.
EVERY Person, and EVERY Business, that this will do damage to. Its their tool, POORLY secured, that caused this ENTIRE MESS!
You got it all wrong. The entity to blame is Microsoft. Their operating system is poorly secured which is the root cause of this entire mess.
You forget that they need to meet automotive requirements. This requires a very wide operating temperature range as well as a coprocessor doing the computing exactly the same thing and checking if the results match. If that weren't the case then we would have approximately the same chips in our cars as we have in our smartphones.
Solutions like this are classic examples of tech-rich people thinking they have all the answers when there's a whole bank of qualified specialist people already working in that field who know what's really needed to fix the problem but have only been stymied by politics.
You might be completely right about this but I suspect the traffic tunnels is the excuse he's giving to develop his own machinery. I think the primary interest here is actually to develop the machinery that would be needed to mine for minerals on Mars.
Alternatively, he may be secretly planning to create a bunch of tunnels to connect the continents and then make a rail line that can transport goods faster and cheaper between the east and the west faster than huge boats could ever hope to travel. Something like this would take at least a decade and giving a non-threatening "traffic tunnels" excuse prevents the existing transport industry from putting up their guard and blocking his progress with paid off politicians.
I've said it before but it bears repeating.
When you create an exploit, you create a weapon but when you submit a fix, you make that weapon ineffective. So now instead of having the world's best armor, we have an absurd cache of weapons and those weapons have been stolen. The moral isn't to protect your weapons better, it's that you should be making better armor.
If we've learned anything from the number of defects that are discovered in ECUs it's that they exist and people die because of them. Cars are becoming increasingly computerized which is disturbing because they are incorporating non-vital features into ECUs which are black boxes that we are just expected to trust behave properly. What we need is standardized and open source ECUs that handle all the basic systems needed for the car to function. Car companies can keep their fancy features in a secondary module but that car should be able to function and meet emission standards without it. This way, there will never be another Volkswagen type incident where they cheat the system and no more of these type sensor incidents.
Modern ECUs are not based around your old rock solid M68000 chips at 20MHz and 64KB of software, they usually run at a minimum of 200MHz with a few megabytes for software because they run full-blown operating systems.
How many people need to die easily preventable deaths before we learn?
What they should really be banning is platform exclusive titles. Meaning, if your movie title is exclusively release on platform XYZ then it's disqualified. It's an effort made in vain but if you're going to do it, do it for a good reason.
The real reason Itanium failed isn't because it was inferior but rather because they failed to proliferate support for it in compilers while maintaining a higher price point. If they ensure before it's release that it were well supported by all the major compilers (instead of exclusively with Intel compilers upon release) and had a similar price to x86 chips then they could have had a real chance. Instead, they relied on their market position and expected people would catch up to them in time.
This conquer-by-market-share approach might of worked if AMD hadn't come out with AMD64 extensions we now call x86_64 that was significantly simpler (thus easier to adapt existing compilers) and less expensive than Itanium.
The poor software support and high architectural complexity mirrors the exact conditions that lead the original Sony Playstation to dominate the Sega Saturn several years earlier.
Your posts seem to indicate you only read the title. Try reading the article.
unless the Dems take the House since it's up to the House to bring impeachment charges.
What the fuck does that have to do with anything in the article?! Just trying to stir up trouble?
Cloudflare is a multi-million dollar company and they are only willing to pay $50K for someone to make all their problems go away? Pff! Come back when you are serious.
The Internet of Shit is both an immediate and persistent threat because not only do these devices exist, more are being connected daily. The problem is that the companies are not getting the negative financial feedback (punishment) that they need to correct their behavior.
I've said it before but it's worth repeating.
IoT vendors will only secure their devices after it starts costing them money or are legally required to do so.
The best option is to hijack the IoT devices to DDoS their makers because it creates a direct feedback loop. The more insecure devices they sell, the more it will cost them to host their company's website(s). For extra points, only target their parent company. ;)
Considering he was able to use the data he took to launch a business of his own, $319K is a bargain. I mean, that's a cost of doing business expense if that's all he has to pay.
The Windows Store should be graced with every Linux distro. Only a few thousand of 'em, right? ;)
I think product recalls require a safety component. You could argue this qualifies but I have two better words: brick them.
A Baffling Brain Defect Is Linked to LinkedIn...
I knew was something wrong with the people that use LinkedIn! ;)
I confess to using Gmail (for convenience) and purchase the occasional item from Amazon but that's it but I don't even interact with the rest. If they all vanished, I would be just fine. Does this mean I'm not participating in the modern world?
If Russia was involved in advertising and campaigning for either candidate, then it would be interference.
Well then, there certainly is no point in singling them out, is there? Unless of course you're trying to distract attention.
distract attention from what? besides, don't you have an article to correct?
Isn't the the point of investigating?
Yes, investigating is nice. People should wait until it's completed if they want to be taken seriously with their accusations.
If there was no opposition to investigating then there would be no problem and this would fade away quickly as the truth is revealed. Unfortunately, there has been great resistance to investigating and this abrupt dismissal which only fuels suspicion. The greater the resistance the longer the investigation will take and the more you will hear about it. The more people involved in investigating that are abruptly fired, the more you will hear about it.
I just figured it out why the Pope has been so progressive: it's all been a lure for this moment! You see, when they arrive in the Vatican, the world's most prominent cosmologists will be put on trial for heresy. It's too bad this warning won't reach them in time because nobody expects the Spanish Inquisition! ;)
You should argue without resorting to obvious fallacies. ;)
Russia is external to the US which is why it's interference.
Any attempt to influence the outcome of an election (easily) qualifies as interference.
That's bullshit, unless you want to include all the advertising and campaigning.
If Russia was involved in advertising and campaigning for either candidate, then it would be interference.
the concern here is Russia's ties to the current administration.
When you come up with evidence, let me know, okay?
Isn't the the point of investigating?