Other accounting software acceptable to Ukrainian tax office is available.
Handy, that.....
16330 publicly visible posts • joined 10 Jun 2009
That could cause lots of trouble for SX. I think their launch pace from Canaveral is literally one every 2 weeks from either of the pads.
Any hold ups with it coming back up, or on their launches, will have substantial knock on effects.
I think the term SX prefer is "pre used."
Shotwell (in a recent radio interview) said the current versions are good for 3 reuses, the block 5 for 12.
OTOH I think the satellite mass is above the SX baseline price for GTO payloads so there's no published pricing.
Really?
Once people start threatening Messrs Sue Grabbit & Run from day 1, no request to rebut, no request to mediate, you know there's something smelly.
The original paper looks a hell of a lot like corporate astro turfing to me.
Which TBH is exactly what toy mfgs are doing as the technology advances.
I've often wondered how many staff at toy making companies have moved out of the industry and into more less morally ambiguous industries, like drug dealing, or used car sales.
Which makes this a pretty valuable result, whether or not it compromises this particular algorithm.
Proving once again that "Crypto is tricky."
However those who bought Sky TV's premium packages can rest assured their content will not be pirated, as they use at least 2048bit RSA keys for their encryption.
Your content will continue to remain exclusive, and not to be enjoyed by the riff-raff, unwilling to pay the "Murdoch tax."
Which TBH I doubt many people would have considered important.
Although that's in the open literature.
Who knows what various TLA's have investigated.
It's a library specifically labelled for cryptography. It's likely to have been high on their study list.
So that they can be set up in time for the next case.
The point about "The Cloud" is well made as PHB types will continue to see the cost savings, regardless of just about every other feature of such a migration.
Although in a kleptocracy it's hard to tell where government ends and criminal gangs begin.
As others have noted it's a cheap way for Russia to disrupt a regime Putin does not like, although the blowback would have been a bit annoying (nothing too serious though, given how well their corporations handled it).
OTOH Attribution is always tricky. The code is a totally artificial structure. You can treat it as a crime scene but you should always beware that any "accidental" slips may have been staged to decoy forensic investigation. That may sound paranoid until a job goes wrong and you p**s off a lot of people, like WanaCrypt with the Chinese and Russian governments. Then it could be the difference between sleeping soundly at night or digging that bag of fake ID out and starting your retirement early.
Roughly 3:1 in 1 iteration of the measurement procedure.
The potential revision in the Planck constant is also intriguing, given its intimate involvement in a lot of astrophysics.
BTW I had thought Kibble was also a brand of cat food, but it's actually for dogs. :-( .
For the foreseeable future it's going to take a looooong time to get from A to B in our solar system, which means you'll get cooked by a lot of radiation.
Those elaborately crufted Aluminium cans that NASA, ESA, JAXA, ISRO and the Chinese build have roughly the radiation protection equivalence of 0.5% of the Earth's atmosphere. OTOH 3m of Mars regolith will give you radiation protection equal to Earth's atmosphere.
But that's a damn heavy lump of mass to get into LEO.
Asteroids are already in orbit. Even a small one packs a huge amount of internal volume, and can still give you 3m thick walls.
This is the start of an actual viable way for humans to explore the Solar System.
"This issue has nothing to do with Oracle the company or database, it is an attack against a crypto scheme"
Noted.
In which case it's much more serious than I at first thought. :-(
""the problems are in the OSCI-Transport Library version 1.2"
"Germany's public agencies are warned not to use OSCI-Transport until they've upgraded to the latest version of the library.""
3 problems with that.
This protocol has been around since 2004. No one knows if earlier versions have the same vulns.
No one knows what the update process on those institutions is. If it's like the NHS some of them may still be running on library versions generations earlier.
The Updated version was released 2017-03-13, IE less than 4 months ago.
Given these factors perhaps a little more Teutonic thoroughness in the testing? Maybe an actual formal analysis of the protocol to find logical flaws?
But this is what really impresses.
"the OSCI-Transport library only needs to be in the classpath of an application - the vulnerable application does not need to actually use the OSCI-Transport library! "
Genius. A vuln you don't even need to use to make you vulnerable.
That said IRL. 1) This looks like an Oracle user issue. 2) How extensive is this protocol's use (I'm guessing in Germany, quite a bit)? 3) Who uses this version of the library? 4) Do later versions of the library carry the same bugs?
Depending on the answers this could be storm-in-a-teacup level up to almighty-clusterf**k-criminal-charges-deserved.
And yes. Being able to break the encryption of a message at will, which IIRC the German spooks are looking for, makes a mockery of "legally binding."
and if there are no discrepancies, then it lets you in."
Just to be clear you're implying that they don't even check the actual password against the entered password? Are you sure that's what you mean as that's a real "WTF?" moment right there.
On the upside that limits the bug to Siemens systems only.
"And the code was written by Intel - this is built into the chips but is NOT using the x86/x64 CPU (which is one of the things that makes it particularly nasty)."
I am aware of this. But Intel still mfg the chip, even if they basically cut and pasted the MIPS processor, and its code, without any apparent pen testing.
Spying on you.
"which was vulnerable to crafted packets over HTTP or HTTPS"
IOW someone had botched the implementation of an HTTP/HTTPS parser.
Question is was it written in house by Siemens or did they use a library from someone else?
If the latter then potentially anyone else who did will also inherit that set of flaws.
Ooops.
Checked a bit further. Turns out all modern passenger jets with cargo holds within the main envelope will be pressurized, so not a major issue.
OTOH temperature depends on what they are carrying. The only actual data point I've seen is that a 767 hold will not go below 7c due to insulation but may be run at 18c.
So how do people's battery packs handle 7c IE 44.7F?
That argument cuts two ways.
Such a container has a lot of thermal mass. It all gets a bit hotter but nowhere near close to the average ignition temperature of most of it, smothering the fire.
That said Lithium sounds like something that burns very hot. OTOH water is a complete failure on burning Group I metals.
Impossible to say, as people who do so are unwilling to actually post a reason. Written communication does not seem to be their strong point.
I usually expect down votes from
Apologists for, or beneficiaries of (IE tax money) state surveillance
Believers in security theatre. I guess they're too terrified to leave their basements much.
Those supporters of the D who suspect I'm not wholly sympathetic to his vision.
That's the question of what constitutes "fair" pricing.
If you make money off the internet, shouldn't you pay something back to the internet?
Obviously that depends on how many people who use the service do make money, and what "something" should be.
IIRC $400 is around the Adobe subscription level for their tools.
Thank you once again. One especially intriguing nugget was this point.
"Virtualization doesn't just mean x86 hypervisors. "
Now if you want to migrate off a 40YO instruction set design this sounds quite important. It also implies a way to sift out quite a lot of the HCI offerings quickly.
OTOH
"Windows is going to keep on storing profiles and folder redirections on SMB until the bitter end "
Is quite depressing.
Presumably the later versions are a lot more secure than V 1.0.
SMB is still a fine example of the former Chairman's policy of "Grab them by the protocols (at all levels) and the customers will follow you anywhere"
And it never did.
It was always about the faceless, unelected (and basically unaccountable) data fetishists of the Home Office (has there ever been a Ministry whose incompetence and malevolence has caused as much misery and wrongly directed hatred?) and their like minded (and equally IT illiterate) friends in the Security Service.
Their dream is not a safer Britain.
It's a Britain where they (or their carefully selected friends) have something they can use on every man, woman and child in the country.
Normally people would qualify that statement by "important" men, women etc but this technology means they can afford to do it to everyone.
So they will.
If only.
Though if "the public" thought for one minute about the issues they should indeed be afraid.
Meanwhile data fetishists continue to walk UK citizens to their virtual, impenetrable cells for lifetime monitoring of every aspect of their lives "for their own good of course."