
Comment Why bother? (Score 1) 90

I know that humans, being a curious species, whose only close competitor in that genre being the common pussycat, love a mystery but I really wonder why good money is being thrown after bad in trying to find the wreckage of this plane. There is no rational reason for it.

First, we know that the plane was destroyed on impact with the Indian Ocean given that parts have washed up on beaches.

Second, the people on that plane are dead, will remain dead, and their bodies will, almost certainly, be not retrievable if any are indeed intact and have not decayed away completely. Anyone who believes that somehow they could still be alive is a nutcase of the tin foil hat variety.

Third, any investigation that results in the discovery of the wreckage will almost certainly yield nothing because we know the plane was in the air, intact, and undamaged for hours before impact. Any information on the flight and data recorders, where any definitive information about why the plane diverged from its planned course could be found, would have been long overwritten.

Fourth, in the case of that Air France A330 flight that disappeared in the Atlantic about 15 years ago, it crashed in an easy-to-deduce area given that wreckage was quickly found on the surface. MH370, on the other hand, disappeared in a much larger area and there is no way to pin down more precisely where it went down.

The only thing that could be achieved by the discovery of the wreckage is some closure for the family members, a tenuous psychological state but frankly unachievable goal in this case. Of course, if the wreckage is indeed found, relatives may have the opportunity to take a boat to the location and drop wreaths into the water but that is all. Some family members may continue to doubt whether their loved ones are really dead since there will be no bodies to retrieve, identify, and bury. Any remaining questions will remain unresolved forever. The reality is that these people are dead and have been dead for ten years and there is almost no chance anything new can or will be learned about the flight and its disappearance. Is the existence of a very slim chance of learning about the reason for the crash worth the money? I doubt it. Some mysteries are never resolved and this is almost certainly one of them.

Comment Re:Well, now I'm eating crow (Score 1) 31

It wouldn't be surprising if there will be some demand for bite-sized physical machines from people who think that they can't assume hypervisors will be security boundaries; but I suspect that getting actual improvement will be harder than it looks; especially if you aren't willing to sacrifice convenience:

VMs are, certainly, in no small part about utilization and economies of scale: until you get to the point of systems 'big' enough that they seriously restrict your choice of vendors(eg. basically everybody sells 1-2 socket systems; 4-8 means Xeon, and only certain more expensive Xeons, more than 8 sockets means some fancy custom interconnect) it's basically always cheaper to slice a bigger system in half than it is to buy two smaller ones: much less redundant hardware that way.

However, they are also about management convenience that you can't really get out of a physical server without adding a (potentially dangerously) capable BMC or similar computer-inside-the-computer(like the "nitro" controllers that AWS uses): and the history of BMC vulnerabilities(both against their network interfaces and against the components they expose to the OS running on the system) is not entirely cheery; with the situation probably looking worse if you want a BMC that can do all the various management things vsphere can do to an ESX VM.

There's also the question of OS driver vulnerabilities and hardware/firmware vulnerabilities: this VM escape relies on ESX's virtual USB device being buggy; it's not as though you would necessarily have greater confidence in the virtual USB device the BMC uses to interact with the OS; or even the firmware of some of the physical devices on the motherboard.

If anything, while they clearly aren't perfect and can't be trusted enough to avoid much greater attention to how to keep guests from interfering with one another; my suspicion would be that the complexity, and thus bug potential, of real peripherals is considerably higher than that of VM peripherals; especially the newer ones that are explicitly abstractions designed to be convenient for virtualization; rather than close imitations of common physical hardware intended for compatibility with OSes that don't expect to be running in a VM.

Comment Re:Well, now I'm eating crow (Score 2) 31

There are some 'usb devices over IP' software offerings that add a virtual USB root and can be used to connect USB devices that are physically connected to other hosts(obviously this works better with relatively low-bandwidth and latency-insensitive things; it's more about license dongles and USB to serial converters than video capture devices); so you do have options(and those offerings also tend to have explicit support for relatively easy switching of the USB devices being redirected between multiple hosts, if that's required); but it seems pretty unlikely that their virtual USB devices have gotten the same amount of probing that the vmware ones have, since they are relatively niche offerings vs. being the de-facto on-prem virtualization option(at least until Broadcom showed up).

Potentially still worth it, if you've got some absolutely unpatchable ESX host running at least one guest that must have USB, since the vulnerability on the vmware side is now a known one; but quite likely to not be a net gain in security vs. a patchable host; just given the relative amount of attention given.

Comment Re:Well, now I'm eating crow (Score 1) 31

There was a somewhat similar one (also a bug in the virtual USB device allowing manipulation of the VM host from inside a guest with virtual USB) a few years ago. There have also been a couple(CVE-2015-3456 and CVE-2021-3507) targeting the virtual floppy drive device.

They seem to be relatively rare; though tend to be pretty alarming when they do come up because their relative rarity means that people often treat a hypervisor as a reliable security boundary so there isn't necessarily a lot of backup built in to handle cases where that assumption is invalidated.

Comment Is M$ serious? (Score 0) 46

Microsoft has long said that such admin-to-kernel elevations don't represent the crossing of a security boundary

How can anyone at Microsoft actually say that and keep a straight face? Can we say "negligence", children? Can we say "laziness", children? Can we say "incompetence", children? Good, I knew you could.

Comment Seems pretty plausible. (Score 1, Troll) 169

I don't know whether they'll be able to get past the requirement that Apple have sufficient market power in at least one of the tied products; but it seems like a pretty straightforward argument that iCloud is tied to iDevices in a number of ways that typically aren't wholly without justification(eg. having iCloud be the only thing you can restore from reduces the complexity of the first-run restore option because it can just assume iCloud; rather than Apple having to define an interface that 3rd party restore providers would offer or add a pre-restore app install section so that the relevant 3rd party app could be installed to provide the restore interface(the way 3rd party apps can snap into the "Files" app)); but which are...awfully convenient...given Apple's margins on both cloud storage and higher storage phone models.

It probably doesn't help(if Apple seeks to make some sort of "we do it for the security of the people!" argument) that iOS historically(and still does, though it is much de-emphasized) supported either unencrypted or encrypted backups and restores over USB when directly connected to a computer; so clearly it was possible to design a backup mechanism for an untrusted storage medium back when cabled syncs were still general practice; and they specifically didn't bother to do that for networked backup and restore.

Comment Seems dubious... (Score 2) 215

This seems like a pretty tenuous theory. There's a reasonably solid suspicion when businesses with clear connections to the cube farms, like restaurants and coffee places whose main draw is proximity to offices(and, typically, because of the way the zoning shakes down, significantly less proximity to things that aren't offices) are involved that people no longer seeing them as convenient, because they aren't in the office, or requiring their convenience, because it's a lot easier to make your own coffee when you don't have a commute.

This is a department store though: furniture, clothing, cosmetics, jewelry, housewares of various sorts. Am I claiming that literally nobody has ever popped over in an emergency after spilling coffee on their pants; or that it has never benefitted from being more convenient because it's on the way home from work? No, that sort of thing must happen at least occasionally. Do I buy that people drawn to the area by the fact that they work there are the primary audience for those sorts of (more typically) planned purchases? That seems like a hard sell.

Comment For me it's easy! (Score 1) 198

It's a very easy decision for me. In short, I will not allow an eatery to nickel and dime me, raising or lowering its prices willy-nilly. I go to places because I know what their prices are. They're part of the calculus. Variable pricing? No Wendy's. It's as simple as that. Of course, it's an easy decision for me because the Wendy's in town closed years ago and was replaced by a Starbucks and a BBQ place. If I want a frosty now, I have to wait until I leave town, but knowledge of this shit will not sit favorably with me.

Comment Umm, peripheral vision? (Score 1) 92

I'm having a really, really, hard time seeing the case for transparency in a screen this small. Sure, if a screen is going to dominate your field of view there are cases where you might need to consider how the stuff onscreen is going to coexist with the rest of the world(though many more where the point is that your screen is dominating your field of view because you are working/gaming/watching a movie and not looking to be interrupted); but this isn't that screen.

Even your 17in 'desktop replacement'/'mobile workstation' monster just doesn't occupy that much of your field of view; especially when you can just tilt it down a trifle if you want it out of the way. I'm having a hard time seeing the virtues of totally ruining the quality of the screen space you do have in order to retain visibility of such a relatively small space that you can easily inspect at will just by moving your head.

Comment Re:Well Shite (Score 2) 107

The fact that her husband was able to obtain the material nonpublic information she was handling(and without any signs of especially sophisticated or invasive surveillance methods) seems like pretty solid evidence of sloppy handling of sensitive internal data.

That's definitely less of a bad look than either insider trading or deliberately conspiring to feed information to the inside trader; but it's still easily the sort of inadequately careful handling of sensitive data that would not go well with any job whose description includes handling sensitive data.

Not being directly involved in the insider trading presumably made the firing a decision, rather than basically mandatory; but not an unjustifiable one.

Comment Not a huge surprise... (Score 1) 50

Being able to store considerable internal stress, and sometimes decide to release it in response to seemingly trivial provocation, is pretty classic behavior for glass especially if it has been chemically toughened, worked or deformed without being annealed, etc.

Embarrassing for it to happen on such an expensive device, and from a vendor that does a lot of glass; but not a huge surprise from the material.

Comment I wonder if this will backfire... (Score 1) 309

It's reasonably predictable that a fundie judge would rule this way; 'fetal personhood'/assorted pearl-clutching about early stage embryos and fertilized eggs has been a very popular tactic for anti-abortionists for some time now; but actually taking a position that basically makes it impossible to do IVF legally seems like it could be risky overreach for them.

IVF is notably popular even among people who are allegedly "pro life". This is particularly dramatically visible in the fact that, technically, the Catholic Church's position is that IVF is super bad; but the laity are basically in favor of it and it's not something that the Church is typically willing to actually try to argue with people about: they'll deny communion to politicians for not being against abortion hard enough; but(while they won't deny their position on IVF, it's all there in writing) you basically never hear about it; unless someone proposes that it should be readily available to the unmarried or homosexuals: as a mechanism for married heterosexuals with fertility issues it's just too popular. Protestant denominations aren't even necessarily against it; and the ones that are tend to take a pretty similar position in practice: they shut the hell up about it unless it's being used by someone they don't approve of.

This judge gets to score his points(albeit in a ruling that was practically written to be overturned on establishment clause grounds by a higher court); but I can't see "Nope, you can't get IVF anymore" going over well even among the pious pro-lifers.

Comment Re:God can't wait to murder them (Score 2) 309

You don't even need to wait for that scenario to arise: successful uterine implant rate of fertilized eggs is well below 100% even in young, healthy, women under typical conditions; with various 'spontaneous abortion' and miscarriage events further along also pretty common.

IVF makes the failures a lot more visible, since people are watching closely and attempts are expensive; but human reproduction simply can't be done(on average; obviously there's someone who has managed to implant and carry to term all eggs ever fertilized) without significant attrition of fertilized eggs and embryos of various stages(with spontaneous losses more common early; but continuing right up to full-term stillbirths).

A sympathetic observer would probably try to argue something about intention: that it's somehow different to deliberately toss the excess after an IVF round is finished than it is to know that what you are doing is probably going to result in a bunch of failures to implant or early stage spontaneous abortions; but you won't actually be making the choice on those.

I'm not sure that's really viable: in a variety of circumstances we recognize that doing something in the full knowledge of the bad outcomes it is likely to have is seriously morally problematic(typically not quite as bad as outright murder, instead it's "reckless negligence" or "depraved indifference" or something). Whether you are talking IVF or natural, attempted reproduction is only really morally defensible if the destruction of some fertilized eggs and early stage embryos is either simply not an issue, or vaguely unfortunate but so much less important than getting the child you are interested in as to basically not matter.
