Re: A solution to the problem already exists
Under what law? Last I checked, there's no CableCARD slot in my DVR box.
16605 publicly visible posts • joined 10 Jun 2009
"until law fill fine any security beach enough that shareholder will change their mind about security...."
And then the firm will just vanish like a mirage, taking the shareholder's money with them to some place outside the reach of extradition. IoT is the new shell game, and the shysters here are experts.
"For consumer gadgets and whizz-bangs there should be some minimum standard (akin to the CE mark on electrical and/or wireless devices) that certifies a level of compliance and security. Of course that won't stop the criminally negligent (or simply criminal), but it would give responsible manufacturers a standard to comply with and enforcement authorities something to work with, like when you find toys painted with lead"
Thing is, nice guys finish last in this world, and the bad guys have gotten the knack of cutting and running down to a routine, so the law doesn't really scare them anymore. Plus, all else fails, they can hide behind China, who's already notorious for not caring how much they knock down the West (it's their way of waging war without waging war, after all).
Because at some point they get SO clogged not even alcohol will clean them. That's why I had to junk the PicureMates (because their carts contain alcohol in them for head cleaning but they still weren't getting the nozzles clean; they'd basically reached the "baked-on grease" state where nothing short of physical manhandling would clean them, and since the head is hidden behind non-user-servicable panels, that's why I went back to the PhotoSmart; at least there you can reach the head).
"Computers/GUIs 25-35 years ago were far more functional & usable for everyone, though, even though programs rarely shared more in terms of UI elements than basic menus."
You have to consider that, 25 years ago or so, the average computer user would probably be considered a geek: a distinct minority. Now, everyone and their grandmother not only have a computer but are expected to use it in their everyday lives for things they usually did another way but can't anymore. Which means the competency level of the typical computer user fell sharply, and designers have to cater to stupid because they're in the majority.
No, as I was trying to point out, how do you dial in exactly 1 minute, 20 seconds on a dial? A digital clock timer with keypad makes it pretty damn easy: 1-2-0-START. Easy, peasy, and dead easy to redo. That's the definition of precision. Try doing that on a dial with only 15-second marks on it...
"I think an ideal solution would be to skin applications to have a techie mode and a dummy mode...hide all the functionality under the covers and build two user interfaces. You have to have both - computers and phones are no longer the exclusive geek toys they were. Personally, I'd love to see simplistic terminal UIs come back where it made sense...IBM midrange and mainframe come to mind due to their ease of understanding what to do even if you've never seen the system before."
But remember Murphy's Law. Inevitably, a dumb user will switch the app to Expert Mode and get hopelessly lost. You just can't win, but since the stupid users outnumber the smart users, guess who wins?
But remember that Microsoft has to cater to STUPID. And by that I mean people who keep asking the help desk, "What's a mouse?" yet are expected to use these things to do important stuff...like benefits filing or taxes. And since you can't fix stupid, teaching them is pretty much a lost cause, so stooping to their level is the only way to get through to them.
"A knob that you turn to set the cooking time is a far more appropriate interface. And why does there have to be a clock? The whole point of microwaves is that they cook stuff quickly."
The catch being that something that cooks stuff quickly also means you can OVERcook something quickly. And if you're nuking something enclosed, like a sausage, you DO NOT want to overcook it or you'll be spending the night cleaning the innards out of the innards of your microwave. Clocks allow for precision, which is pretty important in fast jobs with little margin for error.
"A short-term solution would be enable computationally-expensive anti-reflection features on the various public services that are used in reflection attacks. But secure end devices is the only solution."
Then there's no solution since "In this corner, we have Dave." So we need another plan.
"The only solution to DDoS is to ensure that a website's capacity is greater than that of the capcity of the attackers."
But that sounds like a losing battle to me. Pretty sure at some point someone's going to cook up the mother of all DDoS attacks with a traffic magnification not in the thousands but in the millions, with traffic in the exabyte per second range: such that anyone that needed to defend against an attack that massive probably couldn't afford it in any event. THEN what?
"How about one hardened smart controller and a host of utterly stupid devices that know their own function and no other."
Those are CUSTOM jobs. Custom jobs are EXPENSIVE...to expensive to make it worthwhile, so it MUST be generic or bust. And who cares about the law? They can just vanish in the night when the time comes...
It's an intersection, one of the few places where cars naturally tend to bunch up because they're speeding up or slowing down. Besides, to avoid the crossing vehicle would probably require more than a car length of acceleration room, and there's little hope of avoiding the accident if it (or any car, for that matter) was "boxed in".
"Most US intersections have the green come on as soon as the opposing side goes red."
Actually, most intersection insert a second or two of all red before changing the other side to green. Those that change the instant the other side is red is rare and probably tend to have more T-bones because of cars with bad brakes coming onto the intersection at the judgment call area (right as the lines turn solid, right as the light turns yellow) and decide it's better to rush through than to try to stop and probably end up over the line and nailed for running red anyway.
"That's where the industry is at right now, and will continue to be until some way of understanding "good" security vs. "bad" security can be automatically and easily computed."
But the human factor always gets involved which is why computers can't do it and why you need human actuaries; it takes one to know one, basically.
"Freedom of speech isn't one of their strengths. It would appear that their students are so emotional crippled that any words either written nor oral with any "perceived" bias is a grounds for disciplinary action. Yet these emotional and psychological cripples are allowed to vote."
The First Amendment can ONLY be legally applied in regards to government action. Hofstra University is NOT a government-funded institution, so like any private business can implement their own rules.
PS. The ONLY way to prevent stupid people from voting is to implement some kind of test or standard, which immediately raises issues of corruption. You lose either way.
"I am curious, everyone who says they did not do this refers to the fact that they used no active electronic means to accomplish their goals. But does this "intentional block or disrupt" only apply if someone uses active electronic means to block access to other WiFi networks."
That's exactly the point. Jammers are illegal (the Marriot case amounted to a jammer), but shunts (which are passive and simply redirect radio waves away from an area) are NOT. That's why it's legal to build a Faraday cage.
"Private property still not give license to commit an illegal act, in this case, the blocking of users right to their own paid-for signal of their choice."
If it's a right, then it must be enumerated somewhere. Where in the law does it say one is guaranteed access to their subscribed service? Last I checked, it's not illegal to create a passive not-spot like a Faraday cage.
A paper from 2009 which goes on to cite documents dating back to 1984, BEFORE the Internet went mainstream.
It helps to check the footnotes on page 157. Here's one cited work: "The Design Philosophy of the DARPA Internet Protocols" from the Proceedings of SIGCOMM 88 (meaning it dates back to 1988).
"What about carrier-grade NAT? It's trivial to STUN through it. I've done it regularly. And both ends are frequently NATted when you're using STUN. This is an everyday occurrence. Your objection makes as much sense as someone saying "Oh? And what about if someone's using 110V to power their PC?"; it's a total irrelevance."
Not as trivial as you think (especially if one end is multiple-NATted such would be the case with a CGN), plus there's performance penalties. It's all noted in RFC 7021: "Assessing the Impact of Carrier-Grade NAT on Network Applications".
"Perhaps you'd like to provide a reference for that statement, since it's never been true to my recollection."
OK.
"Despite its origination in the IETF, many in the Internet's standard-setting community have criticized increased NAT usage because it violates the end-to-end architectural philosophy which has underpinned the Internet (and precursor networks) since its inception. Internet engineers first articulated this philosophy in the mid-1980s and later formalized this Internet principle in the IAB's "Architectural Principles of the Internet" document."
Protocol Politics: The Globalization of Internet Governance, Laura DeNardis, p157-8
So like I said, end-to-end accessibility is part of the fundamental nature of the Internet, which NAT violates in one-to-many mode. NAT66 and other one-to-one NATs are fine, however, because they still allow endpoints the ability to be accessed at their discretion (and perhaps that's the thing we need to consider--granting the ability but expecting the responsibility to say no, much like allowing people the vote even if they (like dumb Internet devices) may be too stupid to use it properly).
Thing is, the deal wasn't CLOSED yet (the deal been declared but not tendered), so by doing this now they've practically torpedoed the deal, as Verizon IINM is still in a position to back out. Because both companies are public, the deal also has to be cleared by the SEC as well. Indeed, withholding the breach for as long as this could run afoul of disclosure and fiduciary duty laws.
"His type is why I carry a small squeezy bottle of Chinese chilli oil - the darker the better! Works wonders in focusing people's attentions."
Oh? What if the person you're talking to is accustomed to chili oil...or so plastered as to no longer feel pain?
"I would say Valve *is* convincing developers to support Linux, they recommend and support Vulkan ahead of DX12, put funds into the Khronos group and sponsor tools such as Lunar, present a lot of info at GDC and the like."
And they've been at it for years, and what have they to show for it? Most games coming out, be they indie, small-studio, or big-name, are Windows-ONLY. They've had plenty of time to push SteamOS, and they could've always provided migration tools, WINE layers for older games, and discount incentives, and so on. Why haven't they have anything really significant to show for it despite all that time?
I've taken a look at the gamingonlinux.com, and as I suspected, almost all of them are made by indies with little to hold them back. And while most engines these days are multiplat, developers still don't put forth the effort to make the actual games (which are more than just those engines) multiplat. Why is it that not even Valve can convince the major developers or publishers to support Linux? Take EA, for instance. Sure, the Frostbite engine is multiplat, but where's the latest Madden or FIFA or whatever for Linux? It would have to take something serious to make gaming devs take Linux seriously, and so far not even the backlash of Windows 10 is doing that (probably because Win10 is practically a two-fer: developing for Win10 makes developing for the Xbox One a lot easier). And Valve won't help with that since they know which platform has the most Steam installs (not to mention the largest supported library--compare them for yourself). So it's not like we're going to see a major title come to PC but only to Linux; it would be fiscal suicide.
The argument being that you're starting to see similar kinds of software being used all the time. If you have a particular job being done again and again, it becomes practical to push this function into an ASIC to (a) speed up the turnaround on that process, and (b) to offload work so that the CPU can concentrate on more generalized tasks. That's one reason SIMD/vector computing instructions were introduced: to better deal with common math functions that were used in programs of the day. It's recent Intel CPUs include AES-NI: because an increased need for security has pushed the use of AES so much we end up using it all over the place.
His mother, apparently. Under the Immigration and Nationality Acts in effect at the time of his birth, you can gain jus sanguinis citizenship if you have at least one US Citizen parent who's lived in the US for at least ten years after turning 14. His mother was a citizen, and (last I read) she met the ten-year requirement because she didn't leave for Canada until she was around 28.
I don't think it was ever sold. I had it for years until it was disabled: the function being integrated into the Google Search app instead (with a couple widgets available to take their place). Problem is unlike the old widget, I can't find a Music Search history, so I endup up back at SoundHound.
You'd be better of legally contracting for a customized phone so you can disable that kind of stuff at low level. Otherwise, Google Play Services will always hold the final call, which can be problematic in the face of Doctor/Patient Confidentiality laws.