The best part of this article is the bootnote - I am tempted to start appending it to all text I write on the internet.
25 posts • joined 7 Jan 2014
600ft is too low for primary air traffic service radars. Radar installations are placed on high ground and look upwards, there is too much "noise" near the ground for them to be any use. They are intended to assist in deconflicting and dispatching search and rescue for aircraft, and laws generally prohibit aircraft flying below 500ft other than during take off or landing. The radar at the local airport I fly from (or did when such things were possible) can't see aircraft below about 1400ft. As such a drone flying at 600ft is literally under the radar.
The point is that it is protected when the institution becomes unstable. It is underwritten by the government financial services compensation scheme. If the bank goes bust you will eventually get your money back from the government. Although that may take some time it is better than losing it altogether.
As a software developer, I generally try and pay other software developers for their work whenever I get an opportunity. I have used Ubuntu on WSL for quite some time now, it is significantly more convenient than firing up a whole virtual machine when all I want to do is fire off a few commands using SSH or the AWS CLI. However distros running on WSL often have a few bugs, and a distro specifically targeting WSL sounds like something I am happy to pay for, especially given its the cost of two beers.
I don't like having "The device that stops be getting lost if the weather gets really bad" and "The device I would use to communicate with emergency services if I become lost" being the same device.
I can see how for navigating towns or driving, a phone can do the job (although I still use a dedicated GPS for driving) but for walking, a dedicated GPS is a very sensible investment.
Its not really the collecting of the technical and admin contacts that is the issue, it is the publishing of them in the whois database. If they were collected by the registrar, and kept private by the registrar except in the case of a court order or other legal mechanism (as nominet is doing with .co.uk addresses) there isn't an issue - the registrar has the data that it needs to perform its contract, and can provide that information where there is a legal basis to do so.
The issue is that while ICANN claims to operate in the interests of the domain registrars, its main objective here is to ensure that IP lawyers can continue to use the whois database to identify where domains may sound vaguely similar to a well-known brand, and then charge the well-known band thousands of pounds to hound the owner of the domain until they give it up.
It is true that their income comes from selling advertising space, but the value of that advertising space is created because it targets individuals based on their gathered personal information. If I am an advertiser, I am going to pay considerably more for an advert on a page of someone who fits my target demographic and has had conversations about my products with their friends, than for an advert on a page of a random individual.
We have a number of customers that do their own dependency scans for CVE vulnerabilities using the OWASP dependency checker plugin, it finds vulnerabilities all the time, but having a vulnerability in a library does not mean the application is subject the that vulnerability. It may be in part of a library that is not used, or it may only be exploitable under a specific set of circumstances which will never occur in the application.
Even if you are exposed to a vulnerability, it is often in a 2nd or 3rd tier dependency and you are dependent on the frameworks you are using updating their dependencies, rather than it being anything you can fix yourself.
The key thing is to be aware of what vulnerabilities you are exposed to, and have mitigations in place (or be prepared to accept the risk), it is not feasible to aim for zero reported CVE vulnerabilities.
It isn't completely out of your control, there are a number of things you can do to control costs in a cloud environment, from picking the right technologies in the right places, applying limits etc. This is broadly what "cloud architecture" is about (the drawing a cloud on a bit of paper with arrows going in and out of it is to real cloud architecture, what "Enterprise architecture" was to real systems architecture). Most cloud vendor architecture certifications recognize this, and focus on cost control (along with security) as one of the key pillars of architecting a system.
Every time a customer of mine says they do devops I ask the developers how they are getting on with being paged at 4am to support the system. They always look horrified and tell me they don't have pagers because the operations team do that. They aren't happy when I say they aren't doing DevOps then - a key feedback look of DevOps is that developers feel the pain of operational support, resulting in them putting in more effort to make sure that issues are properly resolved and the system is reliable and stable.
I agree with the poster above that the key issue is that the camera can provide a record of what happens. If we make the assumption that the majority of police are not outright psychopaths, we can probably assume that the situations in which they use force are ones that they believe at the time it is justified. There are quite a few reasons (from psychological "tunnel vision" syndromes through to plain racist beliefs) that can cause a police officers interpretation of the situation to be incorrect, but it is unlikely that in the kinds of events being considered, for the majority of officers, that wearing a camera is going to change their interpretation of the situation (they feel that they or the public are in imminent serious danger).
What a camera can do, when reviewed in hindsight, is provide information as to what kinds of situations are often mis-understood, which could be essential in having targeted training and assistance to ensure that officers better interpret similar situations in the future.
My father, who was a pretty well respected geologist, was one of the few non-americans to work with NASA moon rocks. They are indeed very protective of them, mostly because the cost of obtaining them was very high, and they are one of the few sources of "uncontaminated" geological samples from the moon. There are plenty of "moon rocks" in the form of lunar meteorites (parts of the moon that got smashed off in impacts and found their way to earth) but these have been lying around on earth for many years, and so are contaminated.
Part of the value comes from the fact that geological experiments are often destructive - they involve dissolving bits of rock in acid etc - so the rock gets used up over time, and there are no current plans to realistically obtain any more.
NASA also definately do have "agents" of various types. Having attended the launch of the curiosity rover, they also had what could be described as a small military, who were responsible for enforcing the exclusion zone around the rocket before and during take-off.
That should be fine though, the proposal isn't talking about getting rid of the ability to create dialogues, its talking about getting rid of the ability to create dialogues that you must interact with before you can do anything else.
You can still pop up a dialogue asking if the user wants to save what they were working on, you just can't force the user to interact with it.
The stuff about not making purchasing decisionso etc is oracles standard legal disclaimer they put on any product or slide that talks about roadmaps or future versions. It's not really slapping them down in an addendum, it's boilerplate text.
That being said the future of products acquired by oracle is never very clear.
The fact that EA accounts are regularly compromised does not indicate that EA have been hacked, it indicates that people who play EA games have weak security.
My experience is that often people set weak passwords on accounts that aren't thought to be important (it's just a game) and then forget to update them when they later add payment details to the account for in-game purchases etc.
Biting the hand that feeds IT © 1998–2020