Posts by YetAnotherJoeBlow

If I worked at Apple, I would quit. No way in Hell I would develop sortware that way - that is insulting.

If this was my idea...

I would put it on github and offer 10K for each 0-day or info disclosure found.

As such, security barely got a mention. It is an awkward grab of consumer data made by an envious and vain corporation.

Might this be one reason why Bezos stepped away so when this blows up, not to sully his reputation - if that is even possible.

This is really problematic. Who thought this up?

Oracle suprise

I mean really, does this article suprise anyone?

Hmm

I wonder who green-lighted that? They obviously know something we do not.

The fix is in.

I still monitor my IRC account and still conduct some business with it. It is very good at what it was originally used for. I guess that makes me old..

Maybe it is just me, but reading what Federighi said sounds a bit desperate.

I have a feeling that Apple will regret some of the statements that Federighi was told to say.

“It is just smoke and mirrors and highly immoral in my opinion”

Now thats the Microsoft we all know and love.

As usual...

The part I am always waiting for but it never happens is:

...And since your DB was obtained illegally, you must destroy the DB under on-site supervision.

Hmm 5g, crypto and mini base station - what could go wrong? All you need to add is a R PI for all sorts of fun.

Two words...

Malicious prosecution.

Very un-sexy

I rode in a Shorts 360 in Honduras a long time ago. We were heavy and as it rolled down the runway you could feel every crack - you could run over a dime and tell if it was heads or tails.

My seat for that adventure was a large cam shaft.

"One last point worth raising, the kernel teams response should probably treat Uni researchers the same regardless of their nationality. Do we really want them setting a precedent that Uni's in China, Iran, and Russia can attempt unauthorized penetrations without sanctions?"

I imagine I would get the same treatment if I submitted the PRs - and I am not a citizen of any of those countries. A mammoth responsibility to police this.

The facts though cannot be ignored:

1) An accredited University actually approved the research. Is this the way research happens these days?

2) The commits made it to the queue. They did not make it to either staging or linus-next. My worries are for any APT crew or some other 3 letter agency - how easy is it to slip in a PR with SE?

It is disappointing on many levels to me.

That chair Tim is sitting in... Is he a pope?

El Reg

"Musk has tweeted to say recovered logs showed Autopilot was not enabled nor installed on the crashed car."

I wonder why the media has not mentioned the above - except for El Reg?

Same old...

Does the Government need this tool? absolutely

Will the Government abuse this? absolutely

Will this end up a legal quagmire? absolutely

The vulnerability that let in a bad actor needs to be found ASAP.

I wonder...

"Never mind that Minsky was over ~60 yrs old."

My wife is 20 years my junior - I wonder how many of those "orgs" despise me? Should I stop my contributions, my dollars?

In fact, in time, almost anyone can be pilloried - especially their enemies. I wonder when the woke will awaken?

Always the same...

They got caught.

1) feign ignorance (the easiest step)

2) waffle

3) cop it and do it a different way

4) get caught again

5) arrogance - tell everyone to read the TOCs

6) goto step 2

motive...

The very existence of sci-hub itself is a testament to the sorry state of affairs that academia, and by extension industry, has become.

What am I missing...

"urges them not to give full and complete answers to questions 41-42, 44, and 50."

Thank you for that tidbit of information. With some common sense, I can produce a list of all those folks that you do not want me to know about.

Why would the government publicly release those guidelines?

Of course we all know that filename extensions mean absolutely nothing and that any file is hostile.

Simple

If POCs were not published, vendors would not fix their products. Here I thought everyone knew that, silly me.

cooling

I wonder what OVH used for cooling - I hope it was not oil...

great

Yet another source for 0-days and hostile links in emails.

Remember...

The earth still owns the garage - no permission to launch, you're not going anywhere.

Eventually...

Until there is legislation with a true and meaningful penalty clause, this charade will never end - and it will get worse. It is like Google said; view every network and endpoint as an adversary.

I hate to think what the exploit will do that finally spurs action. All sorts of horrors come to mind. If we do not step up to the plate here, it is our fault to bear the burden of failure with the remedies that will follow.

A great tool

A fly on the wall told me that it originally started life as bloatware to push apps - now it is a handy app to check for if you are a malware developer and use its services. A real Swiss army knife so to speak - I do not think this is what was meant by reusable code...

No silly, that is not Chinese espionage, that is just Intel's ME software...

Yet again...

Yet another fine example of police work demonstrating that a back door in the crypto is not needed for enforcement action. Every week I see such examples all over the world. By now there is no shortage of evidence indicating that said back door is needed at all - just good police work.

Not best for every use...

In Rust there is "unsafe" code - just because it is all in one place does not really make it safer or necessarily easier. Rust is not the answer to everything and using Rust doesn't mean your code is OK. As in C, Rust has its share of bad coders too.

Maybe I just got a bad taste of Rust when I saw all these damn crates being assimilated when I built the project. I still have to verify all those crates when I certify my code. With the custom standard C library I have to use with some of my clients; that library has been already certified by the clients that use it. In some circles, Rust still has a ways to go yet.

runnaroo

Use runnaroo.com and optionally add these 2 filters to ublock:

www.runnaroo.com###pills-web > div.flex-md-row.flex-column-reverse.row > .col-md-10 > div

www.runnaroo.com##.col-md-10 > div

This makes for a very nice search page result. Try it. ymmv

Yet again

The plod better be careful - yet another tech problem solved without any cyrpto backdoor in the drone. Warrants are not that painful to get.

Wondering...

Does nobody know how to cut a manual check anymore?

Responsibility

If I exposed any data from my clients, they would rip up their contract with me - most assuredly I would loose my clearance for other contracts as well.

Like the OP points out, there needs to be some consequences for carelessness.

Status Quo

Every time this happens, I think that the investors would not be that stupid - yet here we are, again.

A priest...

She is Anglican priest?! WTF? She needs to work at Google, the home of evil.

What if...

If manifest 3.0 takes hold on Firefox, I would imagine Waterfox will have market share over Firefox.

Pondering...

I think that Fireeye was not the target. I would think the FBI would want to know which customer(s) data was exposed.

Interconnects

It is the interconnects that is the secret sauce and co$t - if you can not pipe data in and out at speed from each at all times, they are not worth the cost.

They forgot...

They forgot to add in the pedophiles with the terrorists.

Hmmm

That is who John Hopkins has as a professor in CS? Well now, that explains some.things concerning the quality of education. That is not computer science that is indoctrination.

When someone first brings up the statement "this is not partisan/political" it almost always is.