The reason big government contractors get so much work is not because most government agencies would prefer it that way. Most would rather do things in house. any efficiency arguments aside, it makes their little empire bigger. Rather it is because there is pressure at the top to do business with contractors who, unsurprisingly, are big donors.

Particularly since cellphones as they actually were/are, meaning phones that work with individuals radio "cells" and move between them need computers to work. They don't have to be amazing computers, but they need some computer logic to handle dealing with dynamic frequency assignment and handoff between towers.

That one piece of a technology, even an important piece, existed at a given time doesn't mean the tech could happen. Many devices require a confluence of a number of technologies before they can happen.

Smartphones are an example. They aren't particularly a novel idea, we've seen shit like them in sci fi for a long time. However to actually be a thing on the market we needed a lot of shit:

--Processors had to get fast enough at a small enough size
--Displays had to get small, light, and low energy
--Batteries had to get sufficient energy density
--Silicon based storage had to evolve to usable levels
--We needed wireless digital communication
--We needed the Internet (or something like it to have something worth connection to)

Without any one of those things, you don't have a workable smartphone. That they started to rise to prominence when they did isn't some amazing stroke of genius or luck, it was because the various technologies had reached the needed point.

Google's short support is also amusing to me since they love to snipe at Microsoft about security issues, yet the security situation on Android is garbage.

When we bring someone on, they do NOT get root/admin to critical servers their first day. They have to be off probation first, which is 6 months where I work. Even then, credentials for things are not on a document. That is just asking for them to get lost or stolen. They are given on a wallet sized card, written specially for that person, and they are instructed to keep them safe until memorized.

The reason is, of course, to prevent fuckups, as well as to make sure we trust them fully. The idea of giving someone full access to critical stuff on day one is stupid. Shit it sometimes takes more than a day for them to get access to e-mail and all that just because of all the other things they need to do.

This is 100% on the company. Have working backups, CHECK YOUR BACKUPS, and don't give a new hire a sheet with access to your critical data.

It is fairly easy to set up and supports new protocols. Linux seems to support it reasonably well and its Windows implementation isn't totally retarded.

However really, it is worth your while to invest time and effort in learning IPSec. I know it is a pain in the ass, I've done a ton with it. However it is powerful. The reason it is complex is that it can be used for basically everything. It is a general purpose encryption and authentication method for IP. It is also a mandatory part of the IPv6 spec so going forward it is just going to be a thing that all systems will have.

It also has the benefit of being widely supported. While not a lot talks OpenVPN, nearly everything already talked IPSec.

Motive can determine what kind of crime something is. So let's say you hit someone with your car and killed them. Suppose you did it because:

--You were swerving to avoid hitting someone else, your motive was to avoid hurting another person, not to hurt them. That would likely be no charge, but at most Involuntary Manslaughter since there was no malice, no intent to kill.

--You swerve to hit them because you believe you see them strangling an animal, and it makes you fly in to a rage and want to hurt them (but not necessarily kill them). That would be First Degree Manslaughter.

--You swerve to hit them because they are a person you hate and they flip you off and you decide that fuck it, they deserve to die for disrespecting you. That would be Second Degree Murder.

--You swerve to hit them because you set out to kill them, you were looking for this particular person with the express intent of killing them when you found them. That would be First Degree Murder.

In all cases they are dead because you swerved in to them with your car. However the law can treat you very different based on your intent in the case. It is codified in to law that why someone did something matters, a whole lot.

It is not like it is mandatory, and I don't see it going that way either. I know a lot of people who use Facebook all the time, who are glued to it. I know a lot of people who use it occasionally but don't give much of a fuck. I know a lot of people that don't use it at all (I'm one of those). This spans all ages too. There is this false idea that every single younger person is glued to Facebook so in the future it'll be the only way to communicate. Nope. Plenty of our students don't give a fuck about FB, whereas others love it. Same shit with older people.

So far I've seen no indication that not using Facebook makes you an outcast, unable to get jobs, unable to travel, or anything like that. As such if you don't trust it, don't feel what you give up is worth it, or just plain don't care, then don't use it.

Generic chips that can be programmed in to anything you want in the field. It's a huge industry, they get used in everything from your car to your TV, but they have limitations that means they are never going to be a be-all, end-all.

There's a place for processors, FPGAs and ASICs, usually all combined.

And told me to get a home unit, and bring it in to test it. His assessment differed from this in that he said that "most home blood pressure monitors are accurate". I brought in mine, the nurse tested it, and said it was accurate. The readings weren't 100% the same as what she got, but then they normally vary second to second anyhow.

Also of note is that she was much more careful with the test when testing my unit as opposed to normal. For both their and my unit she had me sit quiet and still, she made sure to place the cuff in the same place, and she took the reading slowly on their manual unit. On a normal physical she places the cuff over my shirt and and drops the pressure quite fast.

Now I would guess this is because they aren't that worried. My BP is normal to the high end of normal, but is normal, when measured at home and is on the high end of normal up to just at the bottom of the pre-hypertension range at the office. So I would guess she's not that concerned with having it right down to the mmHg, with in 10 is probably good enough. If it hasn't changed much since last time, no need to worry and no need to spend a bunch of time being super precise.

Now maybe my doctor is just lax and stupid, but he doesn't seem that way (and his background.credentials don't indicate that). However maybe this journal has a bit of a bias in wanting to over-diagnose hypertension and/or push that physician measurements are the One True Way(tm).

To me it seems silly to worry about 5% or less error on a test like this. The fact that BP ranges neatly line up on clear decimal lines should tell you that the specific numbers are guidelines only, not maxims. It isn't like the did some measurements and said "My god at precisely 140mmHg blood pressure becomes unhealthy and at precisely 120mmHg it becomes a complete non-factor!" Of course not, rather based on medical knowledge they established the normal, pre-hypertension, hypertension, and hypertensive crisis ranges and set them along base 10 boundaries because we like that.

It is a guide to trained professionals, not a stress point past which there is a sudden failure. Your doctor isn't going to treat it radically different if your BP is 141/91 vs 137/89. They'll evaluate what kind of treatment (if any) they think you should have based on a number of factors about you.

While I'm not ready to go all in on AI controlled planes yet (or let's call them something else like Expert Systems, they aren't real AIs) I think starting to test is very valid. We are able to design systems with very good decision making capabilities these days. It is conceivable that we will soon be able to make them on par with humans, even for extreme cases like 1549.

It is certainly an area worth putting R&D in to.

Lynch is no longer a federal employee, and unless she tries to return to government or run for office, it doesn't matter much. President Obama has served his term, he's done now and he won't be coming back. So how does it matter what happened during her tenure? She and her boss are out, that's it, it's over.

Or do you mean because you think Clinton should be prosecuted? Well guess what? She lost the election, and is also likely done. That aside Donald "Lock her up" Trump is now President and controls the justice department. He could push for it, if he wanted, yet he has publicly said he isn't going to.

So how is it in any way they "key takeaway"? You are as bad as the liberals who kept pointing to shit President Bush did to try and excuse things President Obama did. The important takeaways are about the administration in power NOW. They are the ones that can cause problems, they are the ones that need to be looked at. The old administration is old news. The bad shit they did is done. Worry about the present.

Well then you don't like bitcoin because it has built in deflation. You should in general like fiat currency as it has moderate inflation overall. Gold had alternating periods of large inflation and deflation.

First is that gold bugs hate inflation. They see it as the ultimate evil. They like deflation. Well gold can lead to deflation, and likely would in the long run due to its limited supply, but bitcoin is guaranteed to have deflation given its design. So they like it because if it is used it would guarantee deflation.

The second is something you might have guessed from the first, it is because they don't know shit about money. They don't really have an understanding of what makes money what it is, or what makes a given currency good or bad. They see big amounts = good, big gains = good. Since both gold and bitcoin have been on a run as of late, that makes them good.

UAC is not a sudo replicant, it is a tool for easily escalating to a privileged user. It is akin to what you see in many modern Linux GUIs when you try to run something, it asks for escalation and then runs as root, often for a period of time thereafter. Also your understanding of how UAC works is incorrect, you can have it change user contexts if you wish to set it up that way. You can tell UAC how to operate. Normally what it does is present even administrators with a restricted security token until they escalate.

Fine grained sudo control is more akin to Just Enough Administration (https://msdn.microsoft.com/en-us/library/dn896648.aspx) though that is even finer grained sudo.

Much like the original poster, please don't spout off if you don't know what you are talking about. There's a lot of documentation on the Windows security model out there, if you want to look in to it. However trying to criticize it when you don't understand its functionality is silly.

Please explain what needs to be done to "design things securely." Explain what specific sort of technical controls should be put in place in a kernel to prevent attacks. Make sure you aren't listing ones that they have already implemented, such as NX memory regions (which is what DEP is) and also make sure you aren't listing things you like in other OSes that are done in Windows under a different name like separate user/superuser privilege (which is what UAC is for). Let's hear these these brilliant, 100% effective solutions you have. I mean you clearly must know how, since you are so sure Microsoft doesn't do it, right?

Or if not, kindly stuff it and quit blathering on about shit you don't know anything about. Maybe go take a SANS course and get a handle on how there is NO perfect security, anywhere, period, and ti is all incremental, all about making things harder for adversaries.

For that matter you could even start at reading the linked article which says "Performing a similar heap spray on Linux is difficult, but easier than this. A lot of work went into this."