Re: other devices also now available?
Yes, though that manufacturer got a bit of a bad reputation for the previous model only supporting Windows 10. This one is anounced to support Linux.
4850 publicly visible posts • joined 9 Mar 2007
Chromebooks are rather locked down devices which require you to jailbreak them... resulting in what's essentially a bog standard laptop. The default software on Chromebooks is essentially a Google-client.
The great advantage of this is its form factor. It's essentially a laptop, but much smaller. And it's not as locked down as Android, so you can actually _do_ stuff with it.
Including a Logo that's clearly Word-Art, and claims like having a "non-indexed database".
It uses HTTP to upload the data to a central server... where there's a PHP script taking the data. It uses password protection, but those credentials are test/test or gast/test, or test2/test2...
This is the homepage, BTW
https://www.wahlinfo.de/
A verified kernel might prevent your USB stack from overwriting other code, but it's not neccesarily going to prevent you from having parts of your USB stack overwrite other parts, and therefore eliminating the "data diode" on the USB ports.
Additionally this implementation encodes window positions in separate pixels which is both error prone (some graphics cards rescale/gamma-correct their framebuffers before sending it to the screen) and another interface and therefore attack vector.
In any case, it's what I suggested as a response to this talk here:
https://media.ccc.de/v/MRMCD2014_-_6037_-_de_-_tiefbaustelle_s21_-_201409071330_-_end-to-display_verschlusselung_zur_absicherung_von_industriespionage_-_sango
"You also need to direct the input to appropriate machine, and how do you know which machine that is?"
Actually that's what I've tried to explain in my OP. You can either use the mouse position, or have some sort of focus system, where you have, for example, a row of buttons on the KVM where you can select one of the systems to have all input. If you set your background to "transparent", you can even draw a border around it, or grey out all the other systems.
"WEY-TEC USB Deskswitch II does not work with Topre Realforce keyboards"
Most KVMs today on the market have horribly bad firmware, cobbled together by people who have no idea what they are doing. There are many KVM switches which essentially crash when you select an input with no video coming in.
After all this can essentially be done by video mixing, something that TV studios did since the 1960s.
Essentially you'd sync all sources together, either via genlockable graphics cards, or via a separate framebuffer on your mixer. (no CPU intervention necessary, this can all be done in hardware). The framebuffer can even do things like scaling resolutions, or cropping video.
Then you define a "transparent" colour, as well as a priority list for all those layers. Every 8 or 16 Bit 1990s games console did that in hardware.
The only thing that actually needs a CPU to touch actual data is the system that determines the mouse position and distributes the mouse and keyboard events accross the individual systems. And that code is rather trivial. It only needs to translate the position information into absolute coordinates, ask the hardware what system is at a certain pixel, and forward it to that system.
Well yes, but replacing equipment while it's running in the field is very expensive, and most vendors will try to weasel themselves out of their liability. Essentially it would mean that you have to do extensive fault analysis on a device which is currently running on a productive system.
Most companies won't even have the equipment to fully diagnose a problem like a faulty implementation of Ethernet link negotiation. Without that most vendors will simply shrug off the problem as they can always blame it on other components.
We have simple solutions to simple problems, but then someone claims there to be some usecase that doesn't actually exist (or only exists because of stupidity) which results in people replacing something simple with something _much_ more complex.
Typical examples are HTTP/2, SystemD or UEFI.
Unfortunately we live in a world with lots of crap. So as always:
Use well defined standards with more than one implementation.
Check for interoperability
Avoid having only one vendor
Avoid people who buy you lunches, their only useful function to you is to lend you equipment for tests.
I mean you turn an object, which can contain both data and code, into a binary blob, then you turn that blob back into data... and code. I mean if you send that binary blob accross the network, you should at least be scared that it's not compatible between different versions of your code.
So far in the last decade or so, every KDE installation I've seen over various hardware devices and various software versions, from SuSE to Kubuntu had severe display problems. This starts with rounded borders of windows having messed up backgrounds and goes on to actual crashes.
Has this been fixed now?
There are lots of companies like this one. Usually their main selling point is that they will allow you to get around traffic jams... however...
The air might look like it has a huge capacity, but you have greater speeds and a less stable system which forces you to have higher safety margins... which means traffic jams again.
Any increase in capacity usually results in more traffic filling it.
Instead of the "Singularity" we might get the "Crapularity".
We experience technology working less and less well. Ask a 1980s programmer to make a little database table editing program, and they'll write a few lines of dBase. As a 2017 programmer and you'll get several Java or PHP frameworks cobbled together which might, if everything was done competently, be as good as the 3 line solution from the 1980s.
This is what we get today. Things become more and more complex. Where you used to have a simple manual listing commands to drive a peripheral, you now have huge software abstraction layers which usually lack the function you want to have.
Currently companies like Google or Amazon still get the people who know how to solve a problem as simple and flexible as possible. It's unclear if this will continue. Eventually those people will retire and unless we ramp up education, there might not be a generation which grew up with actual computers.
Well there is more than just the number of participants that is relevant. The study could have some serious flaws...
...however the results of the study are exactly what you'd expect from a GUI which removes important visual clues to how it works. Just imagine having a room with an invisible touch sensitive sensor instead of a clearly visible light switch. You probably still touch the right space on the wall many times, but if you don't, it's hard to see where you should have touched it.
"Because as we all know, it's impossible to send encrypted data across the internet without a social media/email account."
This is not about the technically adept. This is about the layperson. The whole idea is to condition normal people into compliance, a few freaks who know how to use computers don't count.
One conceptual bug, for example, is that it the codec packets of outgoing packets whenever they get a packet with a differing codec. If you connect 2 Asterisk servers with the right delay, and have 2 or more codecs enabled on those, you'll get constant codec switching.
There you have central monitoring stations which check that there always is n+1 redundancy. So essentially at the central operations centres, a computer will compute that every 5 minutes. So any component can fail which shifts the traffic, however no component gets overloaded that way.
So essentially ISPs would have to keep load logs and certify that no compoent gets more than the load it can handle without degradation. (i.e. getting much more jitter or latency) That way ISPs must continuously upgrade their networks to keep up with demand.
... perhaps with an ncurses based UI...
You could simply log in via ssh, giving you an encrypted and authenticated connection without the fear of cross site scripting or other web-problems. It wouldn't matter what kind of device you have as they all run some form of ssh-client. In case you have bad connections you can even use mosh.
... you'd probably get a rather slim laptop which you could dock onto one or more external batteries. The display would be easy to replace with interchangable displays for all models with the same size, possibly even between vendors. The displays would also be available in most technologies, from OLED to sunlight readable transflective LCDs, and all in various resolutions.
They currently introduce a scoring system where everybody gets a score from 0 to 255 depending on what they do. Then scrarse resources (like flats or kindergarden places) can be allocated based on the scores of the applicants.
Now obviously this is a nightmare situation, nobody, including me, would want here, so let me play the devil's advocate and defend it here a bit:
China is a huge country with over a billion inhabitants. You don't want it to become unstable in any way, as that would be bad for the people. Civil wars are no piece of cake. So for the greater good of the people systems are put in place to make the system more stable as a whole. Such a scoring system does this in a soft way while staying as "fair" as possible.
"So why not go Nineteen Eighty-four and ban hard switches?"
There are lots of people who propose that by thinking it's OK if the manufacturer disallows you from modifying the firmware of the device you bought. In fact that's one of the main motivations behind "Secure Boot".
Not everyone wants their phones to be flat. If you look at typical DECT phones, those are bulky and even waste lots of space. However since they are the right shape, they fit nicely into ones hand.
The problem today is that all the manufacturers are focussed on bringing out essentially the same product. This increases development costs (how to shave of another fraction of a millimetre), but lowers margins. That's a very unhealthy situation.
"So how exactly do they do that? ... The hardware doesn't support that."
There is a thing called Focussed Ion Beam microscope
https://en.wikipedia.org/wiki/Focused_ion_beam
It allows you to cut through the layers of a chip and add new wires to it. So essentially you can get to the connections of the internal memory of those chips, unwire them from the internal CPU and connect them via microprobing to an external device which reads it out.
Which is something the Dutch claim to be able to do:
https://youtu.be/AVGlr5fleQA?t=34m23s
"they need to be able to snapshot the full state of the enclave and restore it on failure."
Actually depending on how it's done, just glitching the power at the right time could prevent the chip from storing its new state.
Essentially whatever you do, you'll always get to the point where you'll need to expand your PIN into the key used to encrypt your memory. Everything needed for that has to be stored on the device and can, in principle, be read out.
So the security hinges on the PIN, and since you cannot enter complex alphanumeric passphrases on a touchscreen, you're essentially left with a short 8 digit numeric PIN, often even shorter than that.
So essentially every moderately advanced attacker can just read out the "security enclave" and emulate it to try out all the PINs.
... since returns of consumer products are not in any way related to the product actually breaking, and consumers having no idea if 1% or 10% of their product broke withing 2 years, there is no drive towards quality in consumer computers.
Considering that business computers often even cost less than consumer ones, at a much higher build quality, one wonders why those products are still bought.
Well I could understand all of that if people simply tackled his arguments one by one, but what's happening is that they just claim that it's a rant. He does make some good suggestions like trying to remove the stigma of men reducing their work time.
The world is not black and white, and we need opposing viewpoints to callibrate our moral compasses.
Well the theory goes that if you have people with lots of different backgrounds, you'll get lots of different ideas. Obviously gender is correlated with your background.
(for ease of typing I'm abreviating "women and minorities" into minorities, I am fully aware that this is wrong)
How the problem is that, simply put, minorities often aren't interested in things like programming, so the rate of programmers is lower in many minorities than it is for "white men". However some "neo-left" people want more even distributions, and that's where some organisations start to hire people just because they are in a minority. And then it becomes a problem.
Now if those "neo-left" SJWs would actually want to do something against that, they'd start with things like demanding proper healthcare and a proper social system as well as tuition fees being paid by the public and not the individual. That way everyone choosing to do so can get any career they are physically and mentally able to pursue. Education wouldn't just belong to the rich.
Instead they argue that they must not be confronted with opposing views, which is dangerous. Opposing views are what make you refine your own views. Views are rarely 100% wrong, but rather are likely to have some good points. Simply copying your viewpoint from another will lead to a stagnation. Eventually a groups viewpoint will become simpler and simpler.
Well not quite, since many people believe that those security measures work, they instruct people to do unsafe behaviour. Just look at many websites who want you to install their app. Just look at the many apps which are malware (adware) or otherwise slurp your data.
In fact, not being root on your own device means that you have to do backups via some external provider/app, which is a huge security risk compared to just scp-ing your data over to your computer or NAS.
I mean there's people buying MacBook Airs, essentially fashion statements you can get some functionality out of. There probably is enough space for 2 companies. "Me too"-products can work if it's not the 20th of them.
Of course if you actually buy a laptop in order to work with it, there are many much better alternatives.