Strategi iq option 1 menit
I assumed that GPS would only be a useful shutoff switch for an automobile cellphone defeat. It can t be that hard to detect motion enough to shut off the mike input and turn it back on when you re stopped. That way your phone teaches you correct behavior patterns. The cries of outrage about it have never managed to back up their ideas with any experimental proof. Most of the objections are based on flawed models of what a human really is. That s why so many ideologies and cultures fail to improve conditions that all agree are bad ideas with horrible effects.
a couple of gems from today. one of them is spot on the discussion of robust software engineering. I thought that the Great Frost of 1740 killed a significantly larger portion of the population than the Potato Genocide of the mid-1800 s. The Washington Post vs. Trump the Last Great Newspaper War. Vanity Fair. Betteridge s Law applies. The deck Breaking story after story, two great American newspapers, The New York Times and The Washington Post, are resurgent, with record readerships.
Russia War Fever and Putin Derangement Syndrome are source driven; in other words, we re looking at a particularly debased form of access journalism. Very little reporting is going on at all. That said, you can see the economic benefit a well-placed source, or a cabal of sources, can convey. This sounds like James Risen s beat. This is called operant conditioning in the trade and it works. Maybe he can write a tell-all, now that the Times management has defenestated him. News of the Wired.
A Look into NASA s Coding Philosophy Student Voices. Very interesting, and sheds a whole new light on government work. Suffice to say that fail fast isn t an appropriate management or programming philosophy for, say, launch control system software. How far can the rot in the Linux Community and the extend it s anti-dev contributor aura extends. With friends like these August 1, 2017 5 14 AM. Who needs enemies. One bit to rule them all August 1, 2017 5 34 AM.
but also what, please, would keep those, oh so unaffordable developers away from doing what they do now, too, namely to write oss. We actually have a fine example of my assertion right here under our very noses Thoth, a highly skilled engineer putting massive amounts of time, effort, knowledge and expertise into developing innovative HA-solutions and struggling to make ends meet after having abandoned his well-paid Govt Def-Sci job.
To the point that he is retiring some of his OSS stuff and asking himself if he made the right choice. The point being that developing non-commercial security-centric HA solutions for the 0,01 is economically unviable. And even a commercial start-up is unlikely to survive without venture capital or selling itself off to some existing big player. I double-dare you give up your well-paid job as a contractor or payroll employee for whomever you re working now and like Thoth start working on products of your own and developed according to your own standards.
You will find it less than rewarding, both financially and in terms of job satisfaction since no one is interested anyway. It will be just a matter of time before you take up well-paid side gigs assisting some well-funded hipster start-up working on yet another useless social media app that doesn t have security but data collection built in by default.
The only way around this is by imposing very strict legislative and regulatory requirements that inevitably will turn software development into a corporate and government controlled monopoly answerable to none. Stuff like Tor will cease to exist, and the only people with even the lowest levels of digital privacy and anonymity will be those able to fork out mucho dinero for it. Again from a strictly technical point of view, you are absolutely right.
But you don t seem to get the real-life implications of what you are proposing. How far can the rot in the Linux Community and the extent it s anti-dev contributor aura extends. Linus like certain others believes that one way or another calling someone else s opinion BS validates his own. In general, it doesn t contribute to a productive discussion and essentially just alienates people from you.
I do not know why you dislike so much foss projects; perhaps you had bad experiences with low-quality free software in the past. Choosing wisely what open source and free software projects use is a challenging a long way. There are too many free software talibans that will just try to impose their products, even if they know the software they support do not work.
There are a lot of free software and open source projects too that are just a joke. Let us say, for example, the systemd that is plaguing a lot of Linux distributions. Is it because commercial software is written by paid programmers. I do not get it. What I really know for sure is that choosing closed source software to fill the gap created by the Pandora box opening is not the answer. I certainly fail to understand WHY software written by corporations is better than software written by people who love what they do and, sometimes, do it nicely.
If you choose wisely there are much more secure open source projects. You should obviously look outside of mainstream. Linux is the cool choice these days, but it is the choice of people that do not care at all about security. Even Linus Torvalds despises security, and do it publicly. Linux is the new Microsoft, they try to own the world with good looking, low quality software.
If you think closed commercial software is the answer then I am ok with it, but I certainly will never trust on software that cannot be audited by the users and that is in the hands of corporations that establish nasty links to the intelligence community for money, government protection or misinterpreted patriotism. Oh well, linus, linux, and the funny bazar I can understand him ranting sometimes, btw.
Whatever, it s his kindergarden and it s their thing to deal with. ; how he does, however, is inconsistent and unnecessarily rude. I doubt that Thoth is an example demonstrating your point. But that s outside of this discussion, so I ll leave it at that. his decision was mae in the current state of affairs, not in the one I suggest. And, NO, the oss world would not come to a stand still. Simple reason All the reasons and motications of oss developers would stay the same.
Make the world better, just wanna share some work I did, etc. all that wouldn t change. The only major thing that would change is that incompetent hackers as opposed to professional engineers couldn t touch sensitive stuff anymore because it s a part of my model to finally introduce responsibility for what one releases in certain sensitive areas.
It seems to me that our discussion suffers somewhat from a misunderstanding in that you seem to take anything that calls itself security as such while I don t. Example you seem to see tor as something providing security I do not; in my minds eye tor is just crap, and actually worse, crap that pretends to offer security. So, you are right insofar as e. the tor people would bleed heavily in my model unless they dropped their not at all funny hobby experiment. Looking closer, however, one will find that a very considerable part of security relevant work is oss.
Short, except for those cases where hobbyists create havoc by incompetently fumbling in areas they d better keep off, pretty much nothing would change. Funnily you repeatedly ignore the festering abscess I mention, namely Hell, look around at what a nightmare your model has brought us into. In fact, in my model we would have even more oss because universities and other tax sponsored institutions would be forced to make almost all of their work oss.
I fully quoted that because I find it so funny. Obviously you can t even imagine how wrong you are. I did exactly that and never regretted it. I m fine, thank you, and yes, there are enough people and companies who happily pay for professionally solved problems. One part of my income, btw. has come from revamping and professionalizing dev. That s the problem with ideology driven people like you they increasingly fail to recognize reality and are limited to what and how their view permits them to see.
To make things even funnier I also occasionally do oss, haha. As for imposing very strict legislative and regulatory requirements Yes. You know, I strongly dislike the fact that medical equipment upon which my, may families or your life may depend, might be hacked and is of doubtful code quality. It s due to that that you can fly halfway safely. And now, after lots of addressing diverse whims and speculations you brought up, let s cut it down and put it straight.
Moreover exactly that is one of the main tasks of a state to regulate. We have the math, we have the know how, and we have the tools to do much better. Would you kindly explain why you insist on keeping the abscess happily growing. Would you explain why we should continue to have hospitals with lousy quality hackable machines, why we should continue to have major infrastructure incl.
even reactors that is easily hackable. If I m to choose between a reasonably safe world and the arrogated freedom claim of some hobbyists to play with the world then I ll take the reasonably safe world every day and twice on sundays. I want people like Thoth to do software for our infrastructure and other very sensitive fields. The linux and other hobbyists could and should produce funny computer games, diving hobby software or the like. I do not know why you dislike so much foss projects.
That one is easy to resolve I do not dislike foss projects generally and principally. I dislike ideological fanatics e. gpl and I dislike hobbyists playing, fumbling, and stuttering in areas that are way above their capabilities and important for society. I do like a lot well conceived and well done oss. In fact, I would want to force the governments to give us much more oss. We pay for the universities and research and we should have the fruits growing on those trees.
And I like the fact that oss inherently allows one to see the source code although more often than not it makes one puke. OpenBSD is a good example. Although they can t possibly create a secure OS due to posix, the C code base, and other factors they are a good example. They are knowledgeable, competent, and driven by a good motivation, and they created something useful and reasonably trustworthy. The Deep State, like most other institutions, has been corrupted. The unaccountable and delegated power has been redeployed for private profit, in place of the stated and legitimate purposes for which the consent to delegate was obtained.
The legitimate purpose of The Deep State is national defense, but imperial genocide should not be confused with defense. A key part of the redeployment strategy has been a series of long, coordinated and highly effective disinformation campaigns, including false flag events, assassinations and countless other crimes.
Google s chief search engineer legitimizes new censorship algorithm WSWS. Over the transom via email, we get this handy chart of the sites censored by Google Remember Don t be evil. with friends like these, who needs enemies. slightly off-topic, but it provides a threat model justifying something like TOR. com news 2017-07-31 trump-saw-disturbing-video-then-he-shut-down-cias-covert-syria-program Earlier this year, President Donald Trump was shown a disturbing video of Syrian rebels beheading a child near the city of Aleppo.
It had caused a minor stir in the press as the fighters belonged to the Nour al-Din al-Zenki Movement, a group that had been supported by the CIA as part of its rebel aid program. Trump pressed his most senior intelligence advisers, asking the basic question of how the CIA could have a relationship with a group that beheads a child and then uploads the video to the internet. He wasn t satisfied with any of the responses. ironic that Hillary CLinton a wrote It Takes a Village, b said, do it for the children, then c in her role as secretary of state, distributed weapons that led directly to the deaths of hundreds of thousands of children.
not so different from Madelaine Albright s genocide against children. it would be helpful if the TOR replacement alternatives could actually provide anonymity, defeat traffic analysis, stop content collection, not leak location information, and provide various other figures of merit. protecting content is not a trivial problem, because it requires secure endpoints. there are multiple tradespaces defining and surrounding the problem of secure communications. a related tradespace is given as concurrency, availability and integrity pick any two.
did I mention visiting the Harvard Center is 2015. Bruce had an open-hardware seminar that compared Arduino to a popular open-source cellphone platform that sells for 12 in China. control of the SDR is a given, and it could be forced to only communicate with one tower. further, the latency of the responses to the tower could be offset with a slowly varying constant or random value to dilute the position information from meters to kilometres.
I mentioned before that a sufficiently large user base is required to dilute the traffic. if secure audio endpoints are provided by enclosing the cell phones in a sort of prison that sees only a white noise audio carrier in both directions, then two of three objectives can be fully met, with significant progress on the third. to place a call, rather than using the cell company s switching gear to connect to the recipient, the call would be placed to a secure server which then calls the recipient.
the location information security can be defeated by an adversary who places multiple observing receivers in the cell tower footprint. secure audio with defeat of traffic analysis the channels all can be open all the time with white noise carrier in transit and significant defeat of leaking location information. I worked out another piece of the first-principles puzzle in the past few days.
the problem on the blue marble, generally speaking, is unaccountable power. that s what makes the non-scalability of trust so dangerous. combine that with the pyramid-climbing abilities of the sociopaths and psychopaths and you ve got a real problem. or millions of real problems. this can be tied back to entropy maximization and generally indicates that the first point of consideration should be conflicts of interest.
I would have guessed that an outsider politician could make a lot of headway with the voters by describing the entire quagmire in terms of conflict of interest. it has not escaped my keen notice that open-sourcing the technology that I describe here would empower criminals on both sides of the law. we seem to have seen that sort of empowerment with the purportedly dark web, and various Silk Road-type emporia. I suspect that the best case scenario on your planet is a profoundly dynamic balance of terror.
there is a lot more to say on many topics, but not as much time as there used to be. Is The New York Times vs. It can but it s inwards focused not out wards focussed which is why you have to be mindful of an idea from a century befor by the English economist William Stanley Jevons. A century and a half ago he observed that technological improvements that increased the efficiency of fuel usage gave rise to not just an increase of fuel consumption not drop but a significantly increased consumption.
His argument was that rather than the simplistic view that energy consumption would remain static thus fuel demand would drop, the opposit would happen. That is as efficiency increased the cost would drop and thus demand would increase. But further the economy would grow because of that increased use thus increasing further demand and consequent fuel use. This became known as Jevon s Paradox and it has a nasty sting in it s tail, in that if the economy slows the cost of fuel will increase disproportionately, which makes it harder to get the economy going again.
This outward looking view is infact what drives the Personal computer industry. You can see the sting in the tail with the cost of business desktop machines, as consumption moved over to laptops, and likewise for consumer use with the move from mini-towers running windows to pads and tablets running Android. Thus the hardware becomes considerably more complex and manufactured at a faster rate. This intern adds significantly to the requirements for not just the OS, but the Drivers as well.
Which as we know has a considerable negative impact on security. Further when Amdahls law came of age a paper was published in 1988 by John Gustafson and his colleague Edwin Barsis that made another point which we all have seen, but most of us call it software bloat not Gustafson s Law. That is computer users quickly get used to a certain time delay, and actually do not want a to rapid response as at a user level this can make them feel preasured.
Basically they argued much as Einstein had that it was time that should be the fundemental way of looking at things. Thus any increase in effiency in turn increasing system performance and thus reducing cost encorages programers to use it to do more with it. Thus you get better graphics, sound etc but things still take about the same time. Which means not just a vastly increased code surface but also much greater complexity thus a double hit on security.
Worse though is the fact that the Computer industry has got it s self into a tail spin. In order to survive and keep retail price points the same even though they devalue due to inflation they need to increase not just, exponentialy increasing computing powerbut also exponential increasing code functionality. The problem is the easy wins are long gone hardware is hitting the buffers and thus the drive for more code with not just bells and whistles but dancing badgers behined the row of dancing hamsters.
Code is now made by cut-n-past from examples found on the Internet, squiged into code libraries, that have increasingly complex thus less understandable API s thus encoraging further cut-n-paste. But it s not just the hardware running out of steam as Gordon Moore s law reaches the hard reality of the laws of physics even software is hitting the buffers. Unfortunatly for general security such examples are written to clearly demonstrate a single point and are not cluttered with the likes of handling return values or out of range inputs.
Security is not even a consideration in such examples, thus the quality of code in applications is tanking as we see in IoT. Worse code reviews etc take time and experienced personnel, so they have gone to at best administrative check boxes as the experienced personnel are required to churn out more code. Likewise testing takes time so the tests get less in depth and often drop back to just checking that previous bugs are still fixed.
We used to get code patches, but Mobile Phones show us the reality if it happens it s only whilst the product is for sale which is about a year. So landfill is the destination of a smart phone within a couple of years. Likewise pads, where they appear to have replaced socks on the Xmas prezzi list. But there is yet another hidden sting in the tail, manufacturers have realised they are about to hit the buffers on not just hardware but software as well.
So they have resourted to the old tie them in trick of a Walled Garden but more recently turning customers into product by what is politly called Instrumentation. The problem with a walled garden is you need product and a lot of it. But some of the lucrative nature of tied in has gone, thus there is competition on price. Which means the owner of the walled garden is not the one making the goods in the company store.
Which in turn makes a lie of the increased security FUD walled garden marketing droids spout. Which is why we have seen malware get into the walled gardens by the bucket full. The simple fact is the owner of the walled garden does not have the resources to test each application package for security, even by functional testing. The reason the users don t see the malware is that it s nolonger ego driven like graffiti, it s all about stealing user data to make money.
There is a false assumption that every company can live on the internet by stealing data and repackaging it and selling it. It s not true, the market for such data is finite, thus subject to the notion of supply and demand. Which means that the price will drop at any given level of data as more entrants enter the market. So there are two solutions, firstly get out of the market ahead of the game, the second is to add value to the data.
The likes of Google have been doing both for quite some time. However new market entrants are just trying for more invasive data theft. To do this they have to change the market some how. Cloud storage is a good way to get peoples data, and although it was not originally intended for that in effect that is what it has become. This became possible because of Jevons Paradox applying to communications, there is in effect no profit on carrying data though mobile phone companies are still tryingthus the subscription or one time cost model applies 1 much like it does with an all you can eat buffet.
The result of this has been the return of the Thin Client Notion. You design a product to be a head end device like an old style terminal with all the data processing and storage being done somewhere else. It has advantages in that the head end is cheaper to manufacture, and maintainence advantages in that the software the user is interested in runs on a machine at the company that makes it so patching etc is done silently. But the downside is your data is beyond your control for ever.
A point Google found out the hard way when the NSA tapped their inter data center communications. It s not just Google there was CarrierIQ before them that the NSA profited by, but more recently we have seen Microsoft force as hard as it can users into a locked in cycle with increasing spying and forced cloud usage. But we have also seen IoT spying with IP video cameras, with microphones built in continuously gathering data also Orwellian Televisions that watch and listen to you, toys that do the same to your children and now your luxury high end semi-autonomous vacuum cleaner.
Thus those who want to profit off of people as product are embracing the thin client model or the colabarative model that puts the desired data on their servers. The problem is it s not just low level electronics and software security that john and jane have to worry about, literally every new product is now turning into a spy. To force this product designers are turning products into thin clients that only do what you want if they are connected to the internet.
Because they have realised there is no profit in manufacturing any longer, it s all in Rent Seeking subscription models. Then various rent seekers came along with protection rackets and we ended up with them as our kings, barrons and lords of the manner. You used to get your land and be left alone to build a home etc. Meer vassals that were then told that they were the lords vassals or surfs. Worse than being a slave you just had to be taxed how you lived and died was not a cost for the lord which a slave owner had to bear.
Likewise a slave owner had to confine their slaves, not so with surfs society was their containment. It is this state of affairs we are regressing into via the electronics we buy but only get to use buy somebody elses whim. Thus whilst I take an interest in security and the bottom end of the computing stack with the electronics and software, it is not down here that john and jane are having their real problems with security. That lies above the eighth layer with managment through legislation, the politicians that make the legislation and the 1 of the 1 who pay the politicians one way or another to do their bidding.
Which has a downside as we have seen. Which is to turn society backwards five hundred years where individuals own nothing, are not alowed to own anything and must pay relentlessly untill death the very few. That much vanted trickle down effect will be there but through the guard labour who s sole purpose is to weed out those who do not willingly don the invisable chains of the Emperor to furnish him with fine cloths, so fine meer surfs may not be alowed to look upon them.
People are slow to adopt new ways of thinking and need to understand that they need to adopt secure behaviours and maintain them much as most now acknowledge they should look after their health. So my viewpoint has changed over time, we need sociological security more urgently than we need technical security. People have to learn security is a personal responsability something they have to work at to build up strength. Don t get me wrong I m not turning my back on technical security measures they are the foundations we have to have that can not be undermined but they are but the building bricks.
People in general do not see or even want to see bricks, they want to see buildings in which they can live and work safely and securely. They don t want to learn to be builders, nor do they want to be without buildings living what they see as a more primative existance. That is they have a comfort zone and for the majority that is where we need them to apply security to their lives. From there as they gain security strength they can expand outwards and widen their comfort zone. Some will take an intetest in technical security, most however will in one way or another take interest in social security ensuring that politicians work for who vote for them, not the fractional few who buy the politicos in one way or another.
Whilst this blog did start as a very technical blog and still covers it, our host has moved onwards to the social and economic side of security, thus the subjects covered has broadened out. But whilt the social side is important we must realise that it is the economics of production that makes it possible. Which brings us around to the question of the production of software and hardware. I ve long argued that whilst hardware is engineered, software is at best crafted.
History shows us that infact all things man maked are first created in the mind, then crafted into a tangible form which is then tested to the point where they need to be engineered via the principles of science. We test via tools, which are also made by tools, which at a fundemental level are designed from the bedrock of intangible logic up through mathmatics and meet the tangible world at measurands which get derived from fundemental physical properties. The purpose of economics is actually efficiency, and to build the mathmatical models to be able to get there.
In the process it does not address much that makes society society and does not cover much that is social and thus important to society. The art of software is in many respects a social process, one aspect of which is how to do things not just effectively but efficiently. Thus it is subject to economic processes. You and I broadly agree on the C question I put it as stradling the gap between assembler and high level languages, you see it as a meta-assembler.
In essence the difference is where we see the low water mark for high level languages. I see it at partial almost minimal abstraction, you see it with a greater level of abstraction but importantly you see safety as being essential to the required level of abstraction whilst I do not to the same extent. You could say I regard the tool by what it does, not how it does it outside of that function. Thus I do not consider at that level the aditional functionality that protects the operator from the tool or how the tool protects the workpiece from the operator.
Thus I regard guards and stops as being something added to a table saw functionality whilst you see them as integeral to the table saw operation. It is actually a difference in view point in the economics of production. That s not to say I do not consider it important it s just where I draw a functional line. The reason for this is the direction I am coming from which is bottom up not top down. I see the function of the tool as a specific design, likewise I see the guard as a specific but seperate design likewise the limits etc.
However the economic view although present in the tool design is also above the operator level at the process and managment levels. Strategi iq option 1 menit is I take a tool makers view not an operator view. The aim of a process is strategi iq option 1 menit take raw materials and add value to them to increase their utilitarian value. This means making the process efficient which is where the aims of economics impinge. A table saw that has no guards or stops used by a skilled operator will do the entire range of things possible.
But the reality is it is rarely used out of a small subset. So whilst the cost of the tool is a lot less the cost of a skilled operator is much more than a semiskilled operator. So ecanomicaly the managment choice is to buy a more expensive table saw and gain that back by using lower paid less skilled labour. However a semiskilled operator has a higher probability of getting injured. In essence your argument for type safety etc whilst totaly valid and sustainable from a security aspect, also has a valid economic argument, in that enables the use of less skilled workers to produce the same level of piece work.
It also has other arguments as well in that it lightens both the cognative and progrming load on the programmer. That is they do not need to think about or write program logic to check for range conditions etc. As long as they do so for return values caused by exceptions. Where it goes wrong is two fold, firstly way to many programers do not adiquatly deal with return values and the prefered way of dealing with exceptions is to just abort, which is actually the worst thing to do in a system view.
Secondly because of the hand holding they are not used to dealing with errors and their diagnosis, thus they only reach a certain skill level above which their limitations and failings return. The latter issue becomes a major issue in that what might be a minor issue for a skilled programmer becomes a major if not insurmountable problem to the lower skilled programer. As these problems can be viewed as either edge or corner cases thay will often not get resolved and simply become known faults in the code that gets pushed out to the public and await a maintenance relese.
It is these faults that become the prime vulnerabilities for skilled attackers. It then becomes a probability question as to if a maintenance release fixes the vulnerability before it is found and exploited. The view used to be that even if a vulnerability was found it would quickly become public thus fixed. We are now finding out that this is far from true. Vulnerabilities are found and it depends on the mentality of the finder or their employer if it becomes public or not.
In essence vulnerabilities are either outed for personal reasons or they remain hidden and exploited covertly often for long after the product they are for is nolonger supported. Thus we have a growing pains problem. Increasingly high level languages will alow most programmers to be much more productive. But such languages are known to be insufficient, thus further more formal methods are needed and this means that much more resources are used in production which is not desirable in a competitive environment.
Which is what happened with Victorian boiler makers. The result is the need for more powerfull more efficient boilers led to an increase in failures that could not be hidden or ignored. Thus Parliament passed safety legislation that caused science to become a proffession and artisans and craftsmen to become scientifically literate and thus become engineers. Currently most people who write software are at best artisans, many due to the drudgery of commercial work find an outlet for their creative side in Open Source Software.
Few use formal methods and many have no notion as to what they are. Software houses by and large have little or no interest in correct functionality let alone security. That is they care little about reliability or safety just getting bells and whistles to market. Interestingly untill very recently few commercial application software houses cared about a reputation for correct functionality, reliability, safety or security in their product releases.
The exceptions were those who were making ICS and mission critical software. As the likes of NASA and others have shown correctly functioning software that is reliable and safe for use, needs to be engineered and this is an exacting and resource intensive process. One that the current application software market will not on any way support as they would be out of business before they got their next release out of the door.
A lookback at history shows that yes boilermakers took a hit when legislation came in but as they all took it at the same time they survived though it did effect the economy somewhat. But one important thing came out of the process and that was fully tested fully specified and standardised parts. Because they were standard you had multiple suppliers and their properties were well known.
This enabled buildings to be produced way more efficiently and quickly than older methods. And that is the point, the software industry needs to move from being artisanal to enginering. Implicit in that is that the proces cost be minimised to ensure that it remains viable at some level. The majority of programers should not even be using what we call high level languaged, they should be taking standardised tasklets and scripting them together.
Further programing of applications needs to become more like shell scripting that kicked off the idea of rapid prototyping. That way productivity levels can be maintained but quality and security levels raised significantly, whilst also making maintenance and upgradability more efficient and sustainable. 1 The earliest form of this was with the Uniform Postal Rate from Victorian England with the Penney Black stamp. It cost you a penney irregardless of if your letter was going one street, one town or the length or bredth of the country away.
Likewise it did not matter if your letter contained one or one hundred words, it just had to be below a certain size. Inability to Comprehend the Obvious August 1, 2017 9 26 AM. Elon Musk and Mark Zuckerburg recently had a public discussion over AI. Elon stated that Mr Z did not fully appreciate the threat from smart robots. Mr Z was then mocked in this very column stating the benefits of robots over addicted zombies.
This started the standardisation of parts which alowed greater efficiency with the advent of two world wars it became not just parts but whole sub assemblies that became standard. One projected finding was no more advertising and data mining as the zombies die off. Not a week later Facebook shuts off AI experiment after two robots begin speaking in their OWN language only they can understand. Why go through life learning everything the hard way. America already suffers enough from incompetent leaders.
Another learning moment. Many interesting thoughts, indeed. However, lacking a sufficient amount of expertise and knowledge I ll refrain from commenting on much of it e. economy, sociology. My widely agreeing with the relevant aspects of yours summary is very sad, too. My vote goes to Kid Rock. It comes down to the observation that most developers haven t even a proper understanding of their field and profession, and I do not even mean that technically.
We live in a highly complex world and abstraction and knowledge encapsulation are a major and frighteningly often not understood part of our profession. We do not need to know the registers of some controller and the involved mechanism. A driver does that for us; it abstracts and encapsulates knowledge. So, say, an OS developer can simply do things like write those bytes to the disk. But he himself also abstracts and encapsulates knowledge, allowing application developers to not need to know how en detail the file system works; he can simply say OS, write those bytes to file a b c.
And so on and so forth. Similarly an application developer needs not to know the innards of, say, aes. We humans are, well, human. Which is strategi iq option 1 menit much different from processors. Plus, usually we developers work for other humans who do not even care about anything wrt. The accountant, the architect, the railway controller, they just want something done and important they express that something in their language and based on their thinking. As a consequence we are to be interpreters and transformer and doubly so.
First, we need to transform the clients task description into something we can work with; we need to translate it from his to our world. And then we need to transform our design of the solution into something the machine can digest and work with. So, our work starts on a very abstract and human level, often with a task described in another language and thought frame and ends with registers, addresses, and cpu ops. An added problem is the fact that phase 1 client sw people may or may not be verifiable.
While most would probably argue that it s quite simple for the client to see whether what he got is what he wanted, things often aren t that simple in reality. Example what client wants often changes during dialog as he learns about things he didn t know or think of. Other example No, client can not simply see what he gets as actually he usually just sees the effects of the software and not the mechanics. Phase 2 seems to not even exist in many developers heads or is solved by a compiler linker run not puking and the software not evidently crashing.
However, as many unpleasant cases and even desasters should have tought us, it s far more complex. In fact, I d submit that verifying that the code we produced actually corresponds to the often non existing specification is a major part of the task. Not having verified that the software works is but meaningless stuttering. As for economical, social, or political aspects of what you wrote my belly largely agrees but I feel unqualified on much of it.
Some factors, however, seem strikingly clear. One is the progressed very far stupidization of the people and the functionalizing them into obedient and mindless consumers and work bots who happily carry the fruits of their labour to some gadget shop to buy plunder and who seem to be quite content to enjoy some utterly meaningless freedoms. Another factor is the painfully evident rule of the 0.
1 who mercilessly abuse, plunder, and enslave anything and everything to get what they want which usually is simply more. One final remark as you happened to address it, too, albeit from another angle bloat. I fully agree with you and add that bloat as well as eternally bug ridden software in ever new versions are not considered as problems but rather as assets and desirables and even foundations by quite many in the 0. After all, both the corporations and the deep state insofar as there is a difference win.
And that is the point, the software industry needs to move from being artisanal to engineering. Now here s something we all can agree to. We all would like to see formal methods and formal verification resulting in fully tested and specified, standardised parts. The only question is how we can possibly achieve that all while making it economically viable in the context of an industry that like most others is nothing but a race to the bottom. Personally, I don t think it s gonna happen until a 9 11-like cascaded infrastructure failure hits millions, causes unspeakable damage, sends a couple of big-wig tech CEO s to jail and has opportunistic politicians outbidding each other to come up with the most draconian piece of legislation to please their gullible electorate.
He can simply say encrypt those bytes using key xyz. And which still carries a major risk of turning the entire industry into a very closed bigcorp and government controlled environment. We ll let Thoth himself be the judge of that. When a guitarist can no longer perform on stage before he has become a technical virtuoso, then very few will remain. When guitars themselves can no longer be played until they have been formally vetted and certified for a particular purpose, few models will remain.
It s no different in software development. In one of my earlier post I explicitly acknowledged the mess we are in today and for the reasons you mention. Funnily you repeatedly ignore the festering abscess I mention. Whilst I concur with your thesis, I completely disagree with your absolutist view, your relentless bashing of those who at least try to mitigate the situation with whatever little means they have, as well as your utter disregard for the average Jane and Joe and the non-state actors they are up against.
So if my understanding is correct you are running a successful SMB that is selling highly secure software and services. May I then inquire into which commercially available products and services we are talking about. That makes you just another expensive hired gun. And no, a one-man company doing custom work for 3rd parties doesn t count. And just how much of all of that is F OSS. Clive the software industry needs to move from being artisanal to engineering.
you Now here s something we all can agree to. That is not what your posts to me suggest. When a guitarist can no longer perform on stage. a Why the switching to completely different images. Let s stay in the software field. Again I want higher standards and responsibility for certain sensitive areas not for any and all software. In fact, I would even be fine if hobbyists continued to fumble with their OS or ssl.
All I want is that there are clear standards that are binding for some usage scenarios and that there is a clear marking. in hospitals, airplanes, etc. The linux hobby group, for instance, could continue but their stuff would lack any professional acceptance and could not be used e. My impetus isn t driving hobbyists away from their favourite toys. It is to keep them out of certain sensitive areas. your relentless bashing of those who at least try to mitigate the situation with whatever little means they have, as well as your utter disregard for the average Jane and Joe and the non-state actors they are up against.
Depends on how you define mitigation. If here, take that lollipop and some aspirine is considered as mitigating aids or lung cancer you are right. the diplomats whose email routed through tor was collected. As for Jane and Joe and non-state actors stop the bullshitting already. I m tired of your wanton coming up with made up allegations. Don t confuse your ideologically driven subjective perception of me with the reality. Which part of your game was played for decades and just look at the nightmare we re in.
do you fail to understand. OpenBSD has a great and smart team, plenty experience, and the right motivation yet there are 100s of potential vulnerabilities in it. C C java and no formal spec nor verification are two monstrous factors pretty much all of crappy software have in common. How much more obvious do you need it. Does it need to bite your nose or explode your dog for you to recognize it. And while you talk about social and freedom how about the freedom not to be hacked and eavesdropped.
this strategi iq option 1 menit my memory of the assassin mercenary drug-dealer whose story was linked here last year the name might be Paul Theroux. haven t seen a peep about it in the news in the interim. security is an adaptive system, not unlike other systems, having inputs and outputs, intermediate states, and failure modes. Dynamics of medieval cities Understanding Society.
Cities provide a good illustration of the ontology of the theory of assemblage link this is interesting lambert. Many forms of association, production, logistics, governance, and population processes came together from independent origins and with different causal properties. So one might imagine that unexpected dynamics of change are likely to be found in all urban settings. This study presents a fascinating contemporary test of a thesis that would surely have interested Pirenne almost a century ago did medieval cities develop spatially in ways that reflect a reasonable degree of freedom of choice among residents about where they lived and worked.
And the data seem to confirm a yes for this question. Sounds better than Manhattan today. Or London in Sloan Square or Kensington particularly the Grenfell Tower area. Behavioral self-organization underlies the resilience of a coastal ecosystem Proceedings of the National Academy of Sciences. Our paper provides clear experimental evidence that spatial self-organization profoundly increases the ability of ecosystems to persist in the face of disturbance.
That s where the aliens set up their Interstellar Customs and Quarantine Station. Is There a Giant Planet Lurking Beyond Pluto. And I am tired of your name calling, belittlement, twisting of my words, inability to understand comparisons or metaphores, straw man arguments and refusal to give straight answers to perfectly valid questions. I respect your knowledge and experience as an expert programmer, but I can easily understand why a growing number of visitors of this blog and even our host himself get irritated by your discussion style that ultimately demeans your entire point and even makes some think that you re a government agent.
A number of people in the usa, in an apartment like setting are willing to share their individual wifi connectitions from their respective ISPs. Their is some overlap of wifi signals from separate ISP accounts. The users aren t particuliarly tech savy and probably want to keep it simple stupid. For example, sort-of a mesh wifi network. One idea is to have 1 openwireless. org as the guest network name at various non-overlapping locations 2 in the vicinity of 1 s have neighbors choose SSIDs like bach.
org, stravinsky. org, or pet_name, author, artist, or other. org 3 thus users in an area could pick SSIDs based on signal strength or availability at the time rather than seeing just one openwireless. org SSID 4 it would be nice if people moving around with tablets, laptops, etc.in the area would have a relatively good experience getting their messages, mail, chats and other connectivity.
html 5 hope that eff. org or openwireless. org might consider getting involved in potential litigation if things came to that. Does having multiple ssid names, not just one guest ssid, sound like a reasonable idea. Feedback and other ideas would be appreciated. I know Bruce has written about this before. For example in his book Schneier on Security or in Wired magazine and I am curious what his thinking is now. Figureitout Thanks for the link above. In a world where individuals in different countries routinely access the web from different open wifi SSIDs at least the surveillance states might have to work harder to collect it all and use it allespecially if VPNs, and tor, are going the way of dinosaurs.
Regarding an Apple tor relay, I think it is configured not to use a TBB relay only; but the MacIntosh running the relay is available for word processing, non-torrified safari, VMs, and so on. en normalusers may pass through the relay. In addition, regarding scummy, traffic from the four horseman of the apocalypsenot mentioned in the latter above link, may pass through the relay.
AFAIK, you can t pick and choose your tor relay traffic easily. Regarding traffic shaping or tor traffic shaping and the like, does anybody have an opinion regarding if tor is a net positive for usa spooks, law enforcement, and the like. Since presumably they use it, too, of course. For some other countries, because of traffic shaping and tor traffic shaping like issues, perhaps spooks, law enforcement and the like in other countries find tor in a less positive or net negative light.
It can t be that hard to detect motion. It s relatively easy to detect movment in a certain range with a tuning fork gyroscope. But there are problems not least because it does not tell you what type of movment it is. For instance I m sitting in a chair typing this, but because I suffer from muscular skeletal problems I fidgit when sitting down to ease the pain. Thus my phone is moving around in ways not disimilar to some one walking and typing.
GPS can detect geographical displacment of more than ten meters or so, but only by integration. Thus the tuning fork gyroscopes are not upto the job of measuring geographical displacment as I mentioned before. The longer the integration the more accurate the measurment. But that integration needs to be long thus slow to detect a person walking around in small circles outside a bar door etc. But again it takes a while to work out actual parambulation as opposed to other body movment like trying to move your head and sholders around in a noisy environment to find a lower noise null etc.
Even if you overlap the info from the tunning fork gyros and GPS you will get both edge and corner cases. All of which means the detection is going to have both false positives and negatives, or to put it in engeneering parlance it s going to be flaky. And the one thing that kills product in any kind of consumer review is the word flakey or any synonym for it. It triggers some primeval part of the brain and sends people heading for the trees. ab praeceptis, Clive Robinson, Thoth.
From ab praeceptis c Moreover, using tor can wake up sleeping dogs, paint a target on your, and generally turn against you. Thanks for your professional and skeptical opinions regarding tor. This may be the fly in the ointment regarding using tor. From Thoth Now that China and Russia have mandated that VPN and such surveillance circumvention tools including TOR as illegal, this will spread even further and the whole World would be affected which would include the once open and libre European countries and US which would likely follow suite.
Show me the code. Well, knock me over with a feather. in the UK is much much worse than I do expect. It is rather spooky that the dire privacy and personal security crisis dealt by Amber Rudd, Theresea May et. Amber Rudd argued that real people don t need or use end-to-end encryption. This is rather distorted. tyr Don t think I d really want that feature, the occasional lockups from false positives would lead me to want another phone.
I certainly fail to understand WHY software written by corporations is better That s not the argument, it s a pretty simple one, we live in a world run by money whether you like it or not. 1 Most people do their best work during normal working hours earning a paycheck to eat live2 Not having funds for basic necessities in technical industries, we need tools that cost will result in worse quality or even shutting down. Some of the bullying suicide encouragement comes to mind.
How to make E2EE chat apps relevant in the face of Governmwnt crackdowns. not the brightest bulb Yeah, it s also how people can behave when you can do say things w o anyone knowing it s you. Micro payment probably with some P2P setup Wechat style Bitcoins Altcoins transaction forwarding. Business communicator including corporate B2B messaging. Let s put aside high assurance stuff like data diodes and go with medium assurance first.
Mass Incident Response messaging system. 2FA over E2EE chat. One example is E2EE-OTP messaging. Subscription based notification and news agreggatiom over E2EE chat. Accounts reset code and links over E2EE chat. These are some ideas. It might seem yucky but this is the better way to keep E2EE chat being relied upon to prevent wreckless legislatures from destroying it. Chuck L Apparently the vulnerability has been fixed on the 2017 version of the device, but owners of earlier ones should heed this advice.
Amazon Echo can be turned into a spying device, security researchers reveal AndroidGuys. in order to successfully hack the speaker, a hacker would need to have physical access to it. So you might want to lock your Amazon Echo away when your computer wiz cousin comes over for a visit. the attack can be carried out by removing the Echo s rubber base to reveal 18 debug pads which can be used to easily debug the device. US lawmakers are trying to fix the security nightmare that is the internet of things Business Insider David L.
It s not fixable. For starters, manufacturers go out of business and there is no one to continue to be responsible for the device. And notice the article insisting we must submit to having spying devices. I m going to continue to buy stupid devices. From there, hackers would be able to boot directly into the firmware by attaching an SD card or install malware without leaving any actual physical traces.
In fact, given the tone of this article, enterprising readers with attics should stock up on non-IoT-infested devices anything that runs off electricity is expected to be chipped someday for their own use and perhaps future sale. Or you could figure out how to turn your entire home into a Faraday cage and engineer carveouts for select devices. Trump s new Air Force One planes could come from bankrupt Russian airline Guardian. From a JG4 link, I think.
Jeremey Scahill and Alfred McCoy talk about empire. McCoy argues that the 2003 invasion of Iraq was the beginning of the end of United States empire. McCoy is not some chicken little. He is a serious academic. And he has guts. Arundhati Roy s, 13 May 2003, address at Harlem s Riverside Church, which was delivered soon after President Bush landed on the aircraft carrier and announced all hostilities were over in Iraq.
is called Instant-Mix Imperial Democracy, Buy One Get One Free. You might want to read it or listen to it. uk v39 n15 andrew-bacevich the-greatest-person-then-living Today that problem has undergone a new twist. Trump has by and large handed the national security apparatus over to the generals. Now wearing three stars but still an active-duty army officer, McMaster occupies the post of national security adviser.
Career military officers, active and retired, fill numerous positions on the National Security Council staff. The defence secretary is a former four-star general. So, too, is the secretary of homeland security. Truman, I imagine, wouldn t have approved; it s possible MacArthur would feel vindicated.
Coments:06.03.2020 : 05:23 Dalmaran:
It s a tactical puzzle, but a reactive one where you have the freedom to try lots of different strategi iq option 1 menit to its military conundrums. Not just a great place to start, it s simply a brilliant wargame.
03.03.2020 : 09:36 Molabar:
Gg SXfABAW In this online video, we speak. Forex Destructor Best Trading System Indicator Strategies MT4 No Repaint profit.
01.03.2020 : 14:10 Taujinn:
Automatic OFF wird benötigt required automatic. Temperatur abhängige Anpassung der Ladekennlinie.