Posts by pdh

Re: Rather the other way round

"There is a significant probability that they're less safe"

To be fair, there are people who take worse care of their data than the average cloud provider does. For those people, cloud storage may be beneficial -- not because it's perfectly safe (it isn't) but because it's better than what they're willing and able to do on their own.

Indeed. I remember reading a few years ago that GMAC (General Motors Acceptance Corp, now re-branded as Ally) was responsible for essentially all of GM's profits over a multi-year timeframe. They broke even on the cars and trucks, and made their money from the loans. From a financial perspective, the only reason they built cars and trucks at all was to generate loans.

> I'm suprised amazon has to abide by airspace rules... no other rules seem to apply to them.

No, that's Twitter...

Next milestone: someone talking about something they did in the past, saying that they posted about it on Twitter (as X used to be called).

Re: Ah, the land of the best Justice money can buy

So what's next? OSHA decides to regulate cybersecurity for electric utilities, the Department of Transportation decides to regulate drug companies, and the Post Office regulates natural gas suppliers?

I completely agree that critical infrastructure needs to be protected and should be subject to cybersecurity regulations. But those regulations should be drawn up by an agency that actually has expertise in that area, under the authority of proper Congressional legislation. The issue here isn't "backward states reject obviously necessary regulations," but "Congress fails to enact necessary legislation."

So a question from the other side of the pond... I'm mildly surprised that individual nations are involved. I would have expected EU-wide regulations for things like this, rather than separate investigations and edicts from separate countries. Is this not an area that the EU regulates?

Re: The sytemd-free ecology

I just google'd "Best Linux distribution for beginners." The top of the response page is a table of 9 distros, with a tag at the bottom saying "15 more." Many non-enthusiasts will find that to be daunting.

Re: By announcing it they have made it irrelevant

Unless of course they already have a suitable technique for capturing these kinds of things, and are trying to bait rivals into sending more balloons sooner rather than later... i.e. this announcement could be a ploy to convince rivals that no such capability currently exists.

Re: Demanding money from a US school?

Schools may not have unlimited funds, but they generally have insurance. A couple of years ago there was a ransomware attack against a school district near where I live (in the US). The district's insurance company paid over $50,000 "to settle the matter." Local news said the school district had to pay a deductible (something like $20,000) and the insurance company paid the rest.

No word in local media as to how much the district's insurance premium increased the following year...

Re: Not persistent, so not a problem

Additional battery capacity is a software switch too, isn't it? So if you don't pay for that switch, then you have a bunch of battery cells sitting there unused -- adding weight to the vehicle and wasting the (somewhat scarce) resources that were used to manufacture the unused batteries.

Re: ex-twitter

There's a short story by Edgar Allan Poe called "X-ing a Paragrab." The crucial "paragrab" is this:

Sx hx, Jxhn! hxw nxw? Txld yxu sx, yxu knxw. Dxn’t crxw, anxther time, befxre yxu’re xut xf the wxxds! Dxes yxur mxther knxw yxu’re xut? Xh, nx, nx! sx gx hxme at xnce, nxw, Jxhn, tx yxur xdixus xld wxxds xf Cxncxrd! Gx hxme tx yxur wxxds, xld xwl, — gx! Yxu wxnt? Xh, pxh, pxh, Jxhn, dxn’t dx sx! Yxu’ve gxt tx gx, yxu knxw! sx gx at xnce, and dxn’t gx slxw; fxr nxbxdy xwns yxu here, yxu knxw. Xh, Jxhn, Jxhn, if yxu dxn’t gx yxu’re nx hxmx — nx! Yxu’re xnly a fxwl, an xwl; a cxw, a sxw; a dxll, a pxll; a pxxr xld gxxd-fxr-nxthing-tx-nxbxdy lxg, dxg, hxg, xr frxg, cxme xut xf a Cxncxrd bxg. Cxxl, nxw — cxxl! Dx be cxxl, yxu fxxl! Nxne xf yxur crxwing, xld cxck! Dxn’t frxwn sx — dxn’t! Dxn’t hxllx, nxr hxwl, nxr grxwl, nxr bxw-wxw-wxw! Gxxd Lxrd, Jxhn, hxw yxu dx lxxk! Txld yxu sx, yxu knxw, but stxp rxlling yxur gxxse xf an xld pxll abxut sx, and gx and drxwn yxur sxrrxws in a bxwl!

Dude was ahead of this time.

Might actually make some sense as an investment, as long as the Greater Fool machinery continues to operate...

Re: A Twitter lawsuit database

There's a wikipedia page for "Google litigation" at https://en.wikipedia.org/wiki/Google_litigation but oddly, I don't see anything similar for Twitter.

Re: Obvious or not?

What you said. Don't confuse "Country A is currently the main supplier of X" with "Country A is the only possible volume supplier of X."

Re: Noooo! Reeeally? Who would've seen that coming.

> OK, they could have the manuals in the van, or know a few models, but the AR headset could contain details for thousands of models.

Or they could have a tablet or laptop computer with thousands of manuals in PDF form.

Re: Transponder

> Besides, the company themselves are unlikely to be absolute idiots. They are going to risk assess and mitigate risks as best they can to ensure their business has a future.

Not to mention -- their CEO was onboard. That has to be interpreted as a strong vote of confidence on his part; you'd think he would know if the craft was dodgy.

Yes, exactly. In my many years of experience with on-prem systems, I never saw a single one that could boast of 100% reliability over any medium or long term timeframe. But when ABC Co's internal network goes down, they don't post the details on a public status page like cloud providers do, and their employees don't take to Twiitter to bash the IT department. I'm certainly not suggesting the cloud is always better than on-prem -- it is not -- but I bet that the major cloud providers' overall uptime is way better than almost all on-prem facilities.

Re: Efficient in what way?

Definitely need to consider the energy and other resources needed to build those new servers. I've read claims that for automobiles, about 60% of the total lifetime energy cost occurs during manufacturing. So if you want to reduce your total resource consumption, then you may be better off keeping your older vehicle on the road, even if it has relatively poor fuel efficiency, as opposed to buying a new one. I wonder what the breakdown is for servers: i.e. what percentage of the necessary energy and etc is expended during manufacture, during useful life, and during disposal.

Re: Lucky you.

YES! For many of us, one of the attractions of Linux is that it runs well on older machines where Windows won't run. I am typing this on a 2015 Lenovo W500 that I inherited when my wife tried to move from Windows 7 to Windows 10 but found it unusably slow. And this is not my oldest Linux laptop.

Re: Make like trademarks, not patents or copyright?

If they still offer support, then I'd say it's not abandoned, but I'd include bug fixes as part of "support." I wouldn't want to penalize the publisher of a small app that "just works" without any ongoing changes (if there ever was such a thing), but I'd insist that there should still be a working support line and that the publisher still stands ready to fix any significant bug or security vulnerability that might pop up.

A related problem: recently I was searching for men's cargo pants in a particular tall size. After just one Google search (which did not pan out), I started seeing ads for cargo pants -- from companies who don't make them in tall sizes. And ads from big and tall retailers, who focus on "big" not "tall." And from companies that sell women's clothing in tall sizes. And so on; many ads but none that were of any value to me.

The ads might not be quite so bad if they were tailored to things that I'm actually looking for, but they hardly ever are.

Re: Just fucking die twitter

Definitely some media organizations still use it. I follow sports on a big-name website, and whenever they have an article about somebody making a great golf shot, or hitting a home run, or scoring a touchdown, the article is sure to include a link to a short video clip onTwitter. That's my only use of Twitter (I don't have an account but sometimes I want to see the home run flying out of the park) and I have noticed no change whatsoever in the last nine months.

Re: Sigh

https://xkcd.com/1235/

Re: What do these give you that an electric bicycle does not?

Dual disk brakes are common on eBikes; they're capable of very very quick stops. And eBikes are much lighter than these eMotorcycles so stopping requires less force.

How to lie with statistics

Much depends on how you choose the starting point for your temperature graph.

https://en.wikipedia.org/wiki/Global_temperature_record#/media/File:Five_Myr_Climate_Change.png

https://en.wikipedia.org/wiki/Geologic_temperature_record#/media/File:Phanerozoic_Climate_Change.png

Re: Talk about non news.

Scott McNealy of Sun Microsystems

Read somewhere but I forget the source: "People in funny hats have been a menace throughout the ages."

Re: ALL of it

So why aren't there more high-impact attacks? That's meant as a serious question, not as snark. Some ideas that come to mind (maybe the true reason is a mix of all of these):

(a) It's not really as bad as it seems to security specialists. I mean, a fitness expert looks at the population of a modern industrial state and sees mostly overweight people who eat badly and get almost no exercise; the expert believes this is deadly but somehow most of these people manage to live fairly long, contented lives, despite the fact that they're doing almost everything wrong. Is something similar happening with respect to computer systems security?

(b.1) That which cannot be said in polite society: sometimes security by obscurity works "well enough," especially if (as I suspect is often the case) it's only one aspect of a multi-faceted security strategy.

(b.2) Sure, a chain is only as strong as its weakest link, but maybe there are other links acting in parallel to the weaker links; so maybe the fact that some aspects of your security strategy are crap, doesn't actually mean that the total system is easy to penetrate.

(c) The Bad Guys are not very competent, or not very motivated, or there just aren't that many of them.

(d) There are in fact a good number of successful attacks, but most of them are not made public (e.g. ransomware payoffs where the criminals do restore access after being paid off). Also perhaps targets are deliberately chosen so as not to yield catastrophe. (Do *not* be the one who hacks Colonial Pipeline or similar targets.)

(e) It takes a fairly long time to successfully hack an average system, even though average systems have plenty of security holes, and this limits the overall number of successful hacks.

I am in no way dismissing the legitimate security concerns that are raised almost constantly these days. I just wonder why, if things are so bad, there aren't more truly high-profile failures.

Yeah, I'd like to know more too. I've seen a number of articles about it, and they all mention the drag sail, the Arduino, and the AA batteries, but no additional details. I gather it was supposed to act as a repeater, accessible by hams, but that part evidently didn't work out.