Posts by Pascal Monett

"Malicious USB devices"

Sorry, but I am less worried about that than I am worried about state-backed miscreants infiltrating and wreaking havoc from afar.

The rule is always the same anyway : once local access is possible, all bets are off and the system can easily be compromised. A malicious USB means some traitor has decided to usurp his position and authority in order to do evil. There are safeguards against that, but the best safeguard is treating your personnel properly and paying them fairly. If they work in a serious branch of industry, they should know the importance of their position and that should be sufficient.

"it's most likely a case of using REvil-linked scare tactics to extort payment"

Hmm. What about REvil is starting to feel the summer coming and just wants to lay back and take it easy for a bit with a margherita or two ?

Or maybe REvil is trying a new tactic to find out just how many cowards are going to fork over the moolah ?

Sure, it could be someone else piggybacking on REvil's reputation, but not necessarily.

This "takeover" is starting to look like a trainwreck

And Mr Billionnaire apparently can't make enough billions fungible.

I think that should incite into a rethink of a person's personal fortune. You have $100 billion in company assets ? They're not yours until you've sold them and actually converted them into cold, hard cash.

Of course, that would make for a lot less glamorous news titles . . .

If this was truly a good will operation . .

. . they would just send an email saying "You have been the recipient of a GoodWill message. Do three good things and document them on social media, then send this message to ten other companies. Thank you for your cooperation".

That way, the companies that truly have some good will will be honored for showing it, whilst the other will continue business as usual.

There are two ways of taking over a country

One is by military force, but that has the bad habit of being poorly viewed on the international scene, and creating resistance on the local scene.

The other is by subverting the country's economy by "helping" with infrastructure, like many of China's "donations" to Africa. Once Beijing has its claws into a strategic part of your infrastructure, you'll find that Beijing's "suggestions" are accompanied by rather obvious implications.

This is the difference between Western politicians and Eastern politicians. In China, they play Go, in the West, they play checkers. Only one of those has long-term implications built in.

"We [..] believe in the right of all employees to decide whether or not to [..] vote for a union"

Right up to the moment some of them decide to actually do that, at which point it's no-holes-barred intimidation and harassment tactics until they abandon that idea.

And I love the argument of "19 employees should not be able to decide". That is a typical strawman argument. You pretend that you want all employees to decide, but that is just an excuse to bash those who do.

And, as far as the USA is concerned, you can replace Activision with any major corporation, they all behave the same on unions because unions will force them to spend more money on their employees and the Board doesn't want to do that (eh Amazon ?).

Now contrast with Luxembourg. In the 1990's I was working my first job as a junior consultant programmer in Lotus Notes. The company was called Computerland Europe, and, at the time, it was going forward in leaps and bounds. New employees were coming in practically every month. It didn't take long for us to reach 50 employees and, when that happened, we were all called to a meeting by top management. In that meeting, we were told that, having attained and exceeded the magic number of 50 employees, Luxembourg law mandated that a union be formed. Our CEO thus told us that we were to form our union right there, and management left the room.

We looked at each other in total surprise and, for some, a little bit of shock. Nobody had been expecting that. So we went about to create our union, electing members (I was one) and following the charter that management had transmitted to us.

And what did this union actually do ? Basically, we made sure that security measures (fire) were known and respected, and being available if any employees had a complaint. I wasn't there long enough for that to happen, the company was still on a meteoric rise. That's not generally the kind of period where employees are unhappy because everything is always changing for the better.

Besides, in Luxembourg before 9/11, if you were unhappy at your company, you could just find a new one, simple as that and almost everybody did it.

So I'm quite happy to work in Luxembourg, because my rights as an employee are enshrined in law and no company can escape that. Of course, there are always the few who try, but they end up against the ITM - l'Inspection du Travail et des Mines and, having done some work there, I can vouch for the fact that they don't pussy-foot around with employee rights. If you have the proof, that company will pay.

"the United State in charge of software security standards"

Typical. The USA gets to tell everybody else how to do their job, then sits back and watches the minions scurry.

Why am I not surprised ?

The problem is convenience

Sure, it is very convenient to Sign in With FaceBook/Google/Microsoft.

On the other hand, security experts have been constantly repeating for years that you should not use the same passwords for all sites you sign up for.

How does that compute ? It doesn't. Where does that get us ? To this sort of problem.

I never sign up with any 3rd-party identifier. I manage my own passwords and I don't sign up to social platforms (well, Google signed me up for Hangouts when I got my Gmail account, but I'll be damned if I use it).

I'm glad they found solutions to correct the issue, but I still won't use those kinds of services.

Good luck hijacking my 24-character passwords.

NVidia has experience with liquid cooling

I have an RTX 3080 and, although you might say that it is air-cooled, there is still a bunch of liquid in there to get the heat from the GPU to the fans.

I wonder how that will work for the datacenter. For the moment, the A100 doesn't seem to be liquid cooled, but it sure is outrageously expensive.

"an opportunity to preempt this threat"

Here's another one : don't download anything to your production server before validating it on your test server.

Because you have a test server, right ?

RIGHT ?

"confrontational"

I'll bet he is. He doesn't want to roll over and let the northern lunatic take over the south.

I'd be pretty confrontational too, if I had a dangerous megalomaniac for a neighbor.

"declined to make public any [..] figures that would demonstrate their true performance level"

And why would China make figures public ?

Much better to keep everybody guessing.

"patches to fix patches seem to be becoming a little too common"

Okay, I'll be the first to admit that networking is not always easy, especially when you're a vendor with an uncountable number of variations to handle.

Still, I stand by the idea that having a Quality Control team to test and wean out the at least some of the problems would go a long way to make these out-of-band patches rarer than they are.

You still can't have your cake and eat it

"an internet platform cannot facilitate free speech for one demographic of its users while applying extensive political censorship against another demographic of its users"

Well, it seems that Borkzilla (et al) must make a choice : either it is for free speech, or it is for raking in the dough in oppressive dictatorships.

It's going to be interesting to see how this goes.

Great news

"A little more than half of the illicit proceeds, $15,111,453.84, has since been transferred from Swiss bank accounts to the US government"

So Uncle Sam gets a windfall, but the companies who paid for the non-existent ad views get what ? The satisfaction that that particular crew isn't scamming them any more ?

"while Microsoft plays with the concept"

Microsoft : playing with every single concept it can think of apart from making its OS streamlined, out of the way, functional and fast.

Wait a minute

"speed up bag tracking, enable preemptive rerouting based on weather conditions"

Isn't that stuff they're already doing now ? With computers ? What exactly is the improvement AA is expecting after having spect weeks, if not months, handing their current system over to the single-point-of-failure platform that is Azure ?

And when Azure is down, will that mean that pre-emptive routing will not work, or will AA keep the existing system as an emergency backup (yeah, as if that would happen) ?

BAYC

Oh, those images I can find in an instant on Google Images ?

And some people paid money for that ?

The depth of human stupidity knows no bounds - especially when they're full of money.

"living-off-the-land binaries"

Now that's new to me. What on Earth is that ? Notepad ?

What's the bandwidth on these things ?

A terabyte of data every minute is a rather tall order to transmit via WiFi, even with 5G. Also, 60TB of data is one heck of stack of hard disks to put in the trunk (or boot), and driving for one hour is not all that uncommon. What is the data retention policy ?

So how is the car linked to the Azure server, and what is being sent/received ?

Also, when the learning phase is over, what kit is going to be left in the cars ?

"wireless chips can no longer be trusted to be turned off after shutdown"

So it is true, the mafia types are right to put smartphones in lead boxes when they meet.

"not everyone is yet ready to return to the corporate altar"

No kidding.

The one good thing about COVID is that it has amply demonstrated that going to the office is not a requirement to being productive.

Oh sure, for the insecure managers who like counting heads, yes, having all your minions on hand must be very satisfying indeed, but unfortunately, your minions have worked off-site for almost two years and productivity has not gone down.

You're going to have to live with that fact now.