Re: Great murder choice.
Various states are/were planning on it:
455 posts • joined 28 Nov 2009
I agree. But in the interests of accuracy, this isn't (quite) a "3 year old safety directive".
The Safety Bulletin from Boeing was 12 March 2019, so 2 and a quarter years old.
The Airworthiness Directive from the FAA, the regulator who has authority over Boeing, was 16 January 2020, so 1 and a half years old.
The FAA obviously didn't think it was urgent, they gave everyone 3 years to comply. And that time hasn't run out yet.
There are automatic lockouts to prevent the *pilot* from raising the landing gear on the ground. Probably including weight-on-wheels sensors, and/or checks on altitude and airspeed. However, as part of the maintenance, the *engineers* presumably disabled those safety systems. They're supposed to install the locking pins, so it's physically impossible for the wheel to move, before doing that.
Unfortunately, ground maintenance crews need to do a lot of things that you wouldn't want to be done in normal flight, as a normal part of their repair / diagnosis / maintenance work. So they have the ability to override the system, and safety is supposed to be assured by them following the procedures.
The money is going to Blue Origin, not Jeff Bezos personally.
Building and testing and launching the rocket wasn't free. It was an investment made in the hope of making money by selling tickets in future. Like the way every other startup company works.
28 million is actually not that much compared to how much has already been invested in this.
Be thankful that some of the money is going to charity. Don't begrudge the company it's revenue.
Since they already have a working and debugged design that they have already manufactured, launched and operated once, can't they just make a new Hubble and launch it?
Note that I don't mean an "improved" design, I mean a straight copy but with the mirror shaped correctly this time. We know that an "improved" design is expensive and time consuming. We know that Hubble, as-is, is doing good science, but will fail soon.
I'm wondering how much a new Hubble would cost compared to the price of a servicing mission.
To see one example of this: Open Google Maps, in satellite mode, go to Australia and zoom so Australia is roughly the size of your screen. Now look at the oceans to the south-west or south of Australia. You'll see a bunch of lines crossing them. Zoom in on the edge of one of those lines.
Each line is where a ship has gone through the ocean with the right equipment to measure the depths in high resolution. So you'll see the high resolution data there. The rest of the ocean is "blurry", because there is only low-resolution satellite data available.
They use sonar that scans a distance either side of the ship's course, hence the width of the lines.
South west of Australia is a good place to look, because of the search for MH370. They did a lot of mapping looking for the remains of the aircraft on the seafloor, and it looks like that data ended up on Google. (Looking for an aircraft underwater is done by measuring the sea depth at high-resolution, then looking for an aircraft-shaped bump in that data. If something looks possible, they send down an ROV to take images of it). You can clearly see many of the rectangular search areas.
It's clear that they've already chosen a T-shirt printing company and a blue T-shirt, and may even have pre-ordered the T-shirt stock. The requirements are taken straight from their supplier's requirements for ready-to-print artwork, for the printing service they've selected.
"They did not take into account the analysis and required tuning that needs to occur prior to real-world deployment to get optimal results."
Convenient how that claim can be used to cast doubt on any study the makers don't like.
Also interesting to hear that the model "requires tuning". One would think that the human body is pretty much the same all over America, so tuning wouldn't be necessary. However, if I was ever to start a company selling snake oil, I'd use this line - it lets me bill for the software and get in there billing for integration and "tuning" without having to deliver anything useful, and if there are problems reported I can go do more "tuning to fix them", and who knows with enough "tuning" I may even be able to come up with something that mostly works.
Sadly, there are far too many device manufacturers who drop a whole Windows PC into their product. Then fail to update it. This includes fancy electronic measuring equipment (oscilloscopes and more specialist kit), it includes multi-million-pound medical equipment, computer controlled manufacturing equipment, and lots more.
Did that really need the ISS, or would a small one-off disposable satellite have worked just as well? I doubt the astronaught on the ISS did much more than unloading it, plugging it in and turning it on.
I mean, sure we have the ISS there with all its systems and regular freight flights, so it was probably cheaper to do it that way, if you ignore the costs of building and running the ISS (since they would happen with or without that mission). But if you figure the total cost to NASA then the ISS was an expensive way to do non-human science.
The only real justification for the ISS is learning about crewed spaceflight for some future crewed space mission.
OTP has a very long history ... of being broken because people don't follow the rules:
1) The OTP must be generated in a truly random fashion.
2) The OTP must never be reused.
Breaking either of those rules means you end up with no security whatsoever against a determined attacker.
OTP also has the key distribution problem - you have to give the person you're talking to a copy of the OTP ahead of time, in a secure manner.
If you are disciplined enough to follow the rules, then OTP is secure.
After re-reading, I think you're mistaken. There's two separate scams here.
The BOFH personally arranged for 10 high end laptops to be delivered directly to "the user" and then sold by the company for 70p.
The BOFH was surprised to hear that Dave has retired at the same time as a bunch of untracked laptops that had been delivered to Dave went missing. The number of laptops is not specified - it's however many they bought less the 20 that came back and the 10 that the BOFH bought. It's implied that it is a lot.
"Stream ciphers", one of the common kinds of encryption algorithm, work by taking a key and generating a long string of pseudo-random numbers from that key. That then gets XOR'd into the data.
It's the same algorithm to encrypt and to decrypt. (Like how ROT13 is the same algorithm to encrypt and to decrypt, except a lot more secure).
So it's certainly possible that a core bug results in the specific sequence of instructions in the pseudo-random-number generator part giving the wrong answer. And it's certainly possible that is reproducible, repeating it with the same key gives the same wrong answer each time.
That would lead to the described behaviour - encrypting on the buggy core gives a different encryption from any other core, so only the buggy core can decrypt it.
No, because of the way crypto is designed. Any miner who tries to submit a mined block, will have it tested by every other node on the network. If the miner's system glitched, then the block just won't be accepted. And this sounds rare enough that a miner would just shrug and move onto the next block.
OK, so you could document that "once you reach your spending cap we will stop your services (and stop you from launching new ones) as soon as possible. Due to usage reporting not being instant, it may take up to 15 minutes from going over your spending cap until we stop the services and block new services from starting. You must pay for your usage during that time. If, due to systems failure, we fail to stop the services, you don't have to pay for your usage after the 15 minute period, unless we can show that you knew there was a systems failure and deliberately abused it."
They don't honestly expect a full payout on all the theories they've advanced. But they can ask now for profits, since the profits were allegedly made by breaching the Oracle agreement. And if their other theories are thrown out in court, they can't come back and ask for profits later, it has to be in the original complaint.
US court procedure is that they're supposed to list all their possible claims up front, and then some may be knocked out as the litigation progresses. They're not allowed to add surprise new theories at the last minute. They can only amend their claims if NEW information turns up (or if they screwed up with how they wrote the claims they can fix that). This makes things simpler for the other side, they know what they're defending against.
$4k a month is $48k/year. Less taxes. Depending on where you live, that may be a very low salary for a developer or project manager role. There are cheap places in the world, but then there are places where you might struggle to pay your living expenses (rent, bills, health insurance) with that little cash.
If he's in California and working as an experienced full time project manager, and adding significant value, then $131k/year isn't too unreasonable. Similarly for a full-time developer.
Most highways already have perfectly good dashed white lines painted on them, separating the lanes. They should just work with autosteer. There's no need for anything "special".
Recharging the car with a slot in the road has been done, but it's complicated and expensive and really not worth the hassle. Just stop for a coffee and a loo break, and let the supercharger recharge your car while you're doing that.
> BTW what happens if two driverless cars meet each other on a single track road?
No such thing. There's driver assistance, but no fully driverless cars yet. When there is, it's unlikely that they'll be driving down single track roads at least to start with.
Apparently it logs everything to HQ, unless you disable it. And if it's a car Tesla send to the press so they can review it, Tesla make it so the reviewer can't disable the logging.
After an episode of Top Gear showed the car "running out of electricity" and being pushed, Tesla looked at their logs and announced that the car hadn't actually run out of juice, they were just saying that because it made better TV. Musk was apparently shocked that Top Gear would stage something entertaining rather than reporting boring facts - he clearly hadn't watched the show enough.
To try to prevent further "misleading" reviews, Tesla made sure that reviewers know that the car has logging enabled.
> WTF if you are emulating an instruction set why not use the one systems already running on and your developers already know?
1) The amd64 instruction set is hideously complex and hard to emulate. Mainly because of backwards compatibility. While knowing nothing about the eBPF instruction set, I can confidently say that it's a lot simpler than amd64.
2) The advantages of amd64 are: You don't have to run it in a VM, you can just run it and have huge security holes, so that advantage is not actually useful. And: your developers already know it, although if you try to pick a sane safe subset then you lose that advantage as the developers have to learn what's in the subset and what isn't.
3) If you want to design a "safe" language, you don't start with an unsafe one and fix the holes you know about, you'll miss some. You start with a new, simple, well-defined language and try not to introduce security vulnerabilities as you go.
People use Windows for backward compatibility with existing Windows apps, and with future Windows apps that they might buy.
WINE is not compatible enough, and probably never will be.
(I mean, WINE is great and if it runs the Windows apps you want to run, perhaps with a bit of messing around on your part and/or a few minor features broken, then that's great. But that's not enough for all customers, and worse it's not predictable without trying it. It's never going to be as compatible as just starting with the Windows codebase).
Switching volunteers is easiest. OpenReach have done a bunch of them, for people who wanted FTTP broadband.
Switching people who are getting a new service anyway is next easiest. They are in contact with their provider to book the install, it's just going to be a slightly more major job. That's where OpenReach are now.
Switching people who are resigned to it is harder, but still OK. You message them and tell them they need an appointment and they book an engineer.
Switching people who don't want any of this newfangled Internet stuff is going to be hardest, it will take a lot of persuasion. That's where Smart Meters are right now. (See: All the ads for Smart Meters and how they magically save energy).
Some people will flat refuse to switch, OpenReach will have to cut them off. That will be a PR nightmare unless OpenReach are careful.
The project plan on kickstarter is a trainwreck.
(Edit: The Kickstarter has failed, but I'd written part of this analysis before I'd realised).
*** What matters? ***
For a project like this, I think the essential parts, most important first, are:
1) Compiler & Runtime, for 32-bit Windows EXEs, with support for everything except database connectivity. This would be valuable, it would let people develop using the existing Microsoft Visual Basic IDE and compile and run their pre-existing code. Everything else is built on top of this!
2) Form editor. This would allow people to develop new code, or modify existing code, without having to have bought a VB6 license. OK, might be a bit kludgy moving between a text editor and a separate form editor and a separate command-prompt to use to compile, but it would be doable. Without the compiler (1) this is useless.
3) Support for other target types in the compiler - DLLs, ActiveX controls, etc. These are much less common than full Visual Basic EXEs, but are important for some people to replace VB fully. This is an improvement to the compiler (1).
4) IDE with all the basic VB6 features except the debugger and database connectivity. This would include an improved, integrated version of the form editor from (2). Without the compiler (1) this is useless.
5) Debugger. Would probably be built on the IDE (4), otherwise I'd have put this higher up the list.
6) Database connectivity. Important for a whole bunch of apps, but at least SOME apps can be written without this.
The nice-to-have features include:
6) 64-bit support in the compiler and runtime (1).
7) support for using 32-bit ActiveX controls in 64-bit code
8) anything that's an improvement over Visual Basic. While improvements are nice, what people care about most is existing code and being able to replace the Visual Basic IDE with this.
somewhere around number 526) the ability to change the theme in the IDE to "dark" or "light".
*** So, what do they have now? ***
Well, they have an IDE with a "form editor" that can create forms but can't load existing VB6-created forms, which means it is entirely suspect - if it was right it should be able to interoperate with the VB6 IDE. The IDE has a fancy text editor. It has support for "dark" and "light" themes!
The compiler and runtime doesn't work, you can write "hello world" but there isn't even support for most of the VB language in the compiler, things like common loops are missing. The compiler only supports .exes.
*** So, what do they promise? ***
Well, a whole bunch of things, including all of the above, plus Git and Subversion integration, automatic code generation for GUIs that wrap databases, an Active Directory library, a plugin for the legacy VB6 IDE that lets you compile with the new compiler, ...
*** How long is this going to take? ***
According to the Kickstarter page, it will take one person 9 or 10 months.
Despite the fact that Microsoft had many many programmers working on VB6 for years, this guy says he can do this project, that includes a LOT more than VB6, in just 10 months.
Reality check: He can't.
In my opinion, just getting all the "essential" parts from my list above done, will take one person perhaps 5 years. Then he's added another couple of years of extra complexity!
And he's not tackling the most important bits first, so when the project fails, everything will be half-done and useless. If he just concentrated on a 32-bit VB6-compatible .exe compiler & runtime, then a buggy version 1.0 would probably be achievable in 10 months, and a year or two of bug reports and fixes would get something reasonable, especially if it's open source and he takes patches.
*** What's the budget like? ***
Another trainwreck. He's made the classic mistake of undervaluing everything.
He's paying himself a salary for 10 months that's equivalent to £36k/year, which is low for a professional programmer with 15 years experience. There is no allowance for the fact that if/when he fails to deliver people will want refunds, so he should be pricing things higher to account for the high risk, so his risk/reward ratio is balanced. There is no allowance in case (when) the project runs long. He's selling "support" as part of the rewards, but hasn't allocated any money to pay for the time he's going to have to spend on support after the release is "done".
He's trashed his future revenue source by promising "lifetime" discounts. Just... never do that. Anything claiming to be a "lifetime" benefit won't last that long, either the seller will find some small-print way to revoke it, or they'll flat out break their promise, or they'll go bust. All of those options will make your customers hate you. And he's included an 80% lifetime discount in some tiers!!!! You can't afford to keep that discount going forever.
He's grossly undervalued the product. That's a mistake that's tricky to recover from. This is a VB6 replacement, pricing should be based off what VB pricing was. €120 for Enterprise Edition.. just no. Enterprise customers are the ones yelling "just take my money, give me the most shiny, I don't care how much it costs". €999 reduced to €499 for Kickstarter, maybe. And €95 for 5 professional licenses, that's €20 a seat for a company that's big enough to have a few developers... those developers are earning more than €95 per DAY EACH, why would you charge them so little?
Blockchain is all about creating something that can be sold. Whether that be mining or NFTs.
Unfortunately there's no intrinsic value to the things being sold. They are only valuable because people believe that they are. It's a speculative bubble where those who get out at the right time will make a fortune, and others will lose loads.
In a real school shooting, the robot is expendable. If it can safely find the gunman, then it gets destroyed, then I'm OK with that.
Treating a single bullet wound (that is non-fatal or just not immediately fatal) in the US medical system probably costs more than the robot.
There are probably more cost-effective solutions. Though the "digidog" can push through heavy swing doors, and with the optional robot arm it can even open doorhandles, which other drones can't.
Actually, it assumes the app will work most of the time for most people. If it happens to fail for you, tough. Go use the non-app option, if there is one and if it's accepted. It won't be accepted everywhere, no matter what the government says. Most likely, you need to go buy a new phone so you can use the app.
Blockchain is a public record-keeping system for when you can't trust any one person. So you get a load of people using their computers to keep the records, and deliberately design the system to be hugely inefficient using loads of computing power. The system is designed so that over 50% of those people (measured by "amount of compute power") would have to collude to subvert the system.
For Bitcoin & clones, this is a not-totally-unreasonable approach. You can have a money transfer system that no one party can control. Although the environmental impact is horrible.
For everything else, it's a stupid design. There will always be one party you can mostly trust, who can run a centralised database. If you want to stop people fiddling the records, there are simple cryptographic approaches to detect that, and there is always the option of running your own server with a copy of the data. (E.g. see how Certificate Transparency Logs work).
Unfortunately, everyone has a video camera in their pocket. And while you might get away with unobtrusively releasing a single bird, releasing a hundred at the same time would probably be noticed. Especially if you hold regular races, and advertise online when you're going to be having the next race...
Also, if you keep doing this, at some point they'll just start fining the ferry operators, or threatening fines. That will mean that the ferries will stop accepting lorries full of pigeons.
Likely to be illegal.
If you're in EU waters, EU law applies. For practical reasons you haven't gone through border control yet, but you've still imported the animals into the EU. If you deliberately release them before going through border control & quarantine, you're going to be in trouble.
(The same applies if you dump waste into the ocean in EU waters).
> the agency said it had "never passed information onto the security services." Such an unambiguous response is exceedingly rare
It's actually not as clear as you think. The law, section 39(4)(f), says "an Intelligence Service", the reply says "the security services". So is there an "Intelligence Service" that they don't consider to be "the security services"?
They also didn't answer about whether they have ever passed on data under section 39(4)(f), which would allow them to pass all the data to the police "for the purposes of a criminal investigation". The police could then have forwarded the data to the security services. That way, they could still claim they "never passed information onto the security services" because they didn't, they passed data to a middleman.
There is a long history, especially in the US, of intelligence agencies making very careful denials that are literally true but very misleading. OK, this is the UK, but I'm still sceptical.
A better set of FOI questions might be:
Please list every disclosure you have made under Statistics and Registration Service Act 2007 part 39(1)(a). If any disclosure is exempt from disclosure under FOI, please state so. If no disclosures have been made under this section, please state so.
... then repeat that for (b), (c), ... (i).
Windows 10 version 1607. Almost 4 years ago. Though it's optional and defaults off, for compatibility with old apps that might assume the 260 limit would always be there. Link below tells you how to enable it.
Also, Windows NT has supported file names up to 32767 characters from the start, but only if the app does a bunch of horrible things. (The app has to call Windows APIs with Unicode path strings only, using absolute paths only, and it had to prefix the path with "\\?\").
It was a *perpetual licence* but not an entitlement to *perpetual support*.
No software vendor can keep providing free patches for their old software forever. The cost of providing future patches for a period of time is included in the purchase price. So *some* limit is reasonable.
Though I'd argue that bug fixes should be provided for 6 years from date of purchase, at least in the UK. Physical goods that were defective when sold have to be fixed if the purchaser notices the fault within 6 years of purchase (Consumer Rights Act 2015). I think the same should apply to software. Sadly, no software vendor provides patches for that long.
The RAM is one of the first things you want to bring in-package.
The RAM bus is dog-slow, it has to be to work with only a few hundred pins, each of which is limited in speed due to having to work over a few inches from the processor to the DIMM, and through five connections (CPU->Socket->PCB->Socket->DIMM->RAM chip). It's also limited because RAM interfaces are standardised, while overclockers may custom tune their RAM speed, that isn't done for normal PCs.
This means that in modern processor designs, the RAM speed is often the biggest bottleneck.
Using HBM or similar lets you put the RAM dies on the same "interposer" as the core, just a centimeter or so away. It also lets you run a thousand or two wires to the RAM chips. This makes them much faster. Since they're permanently attached together, you don't have to worry about standards so much, so long as the system is designed together to work reliably.
Note that Google will probably never upgrade the memory on their servers. So they don't care about the "upgradability" advantages of separate DIMMs.
Yeah, the police like clear-cut crimes.
"Having sex without the woman recording consent on the app" is a nice easy thing to prove in court. And it doesn't matter whether the woman actually consented but forgot to record it on the app, or consented on the app but changed her mind, or was coerced into using the app, or had her phone grabbed so her attacker could set the setting on the app, or consented to something different from what happened. All those cases have a nice easy travesty-of-justice outcome that means the cops don't have to do much investigating.
In contrast, the current law is a lot more nuanced.
"In a free market, Sweeney said, rates would be much lower due to competition"
In a free market, anyone could put whatever app they wanted on the app store. No scanning for spyware, trojans or other malware. No proof that this app really is from the bank it claims to be from. No checking for scams. No checks that apps are age-appropriate. No checks that the app actually does what it says and could reasonably be considered worth buying.
Apple actually adds a lot of value for it's customers, by carefully curating the App Store. OK, it's not perfect. And from the point of view of the legitimate app authors there is definitely room for improvement.
Also, in a free market, if you wanted your "free" app to be distributed via an app store, you would have to pay the app store for the distribution and marketing they are doing. In the Apple/Google model, truly free apps are free to distribute, they're subsidised by Apple/Google's profits from paid apps. And "free" apps with in-app purchasing are distributed in exchange for Apple/Google getting a cut from the in-app purchasing revenue, which they enforce by requiring you to use their own in-app payment mechanism.
I'm not saying the app store prices are reasonable, that's always going to be a judgement call. I'm just saying that the app stores provide significant value over and above a payment processor.
What's more, due to the requirement that Starlink satellites focus the beam at the ground station, they have to know where it is. And the ground station has to know where it is to focus the beam at the satellite, so it probably has GPS built in.
So the system has GPS coordinates for each ground station, and can just refuse to work with ground stations in China, or in any other country where Starlink doesn't have a license.
Don't know why the author of the article made this a big thing.
Biting the hand that feeds IT © 1998–2021