It's interesting, but it's actually easier to do "voice only" with a smartphone than a feature phone these days. On smartphones, you have Google Family Link or Apple [whatever they call it, iFamily or something probably], and on PCs you can use Microsoft Family Safety. On feature phones, you have nothing unless you pay for it through the carrier, but most feature phones now also have wifi chipsets and rudimentary web browsers and such things. So if you really want to lock it down and see what a kid is doing, you really need the smart phone that can run Family Link or iSomethingSomething.

Two of those countries closest to the US that come to mind are Haiti and Mexico, where violent crime and murder rates make the US look absolutely placid.

So you haven't been there, then? People flee all sorts of places, for all sorts of reasons. Extreme poverty does not a shithole make. San Francisco is far more of a shithole than most of Haiti will ever be. Seattle is becoming that way too; Detroit, Chicago, and DC have been that way for decades.

Of course, your bootstrap firmware is where things like CPU microcode are often held (to be applied at boot time), so if you want to address CPU vulnerabilities guess what... that means updating your bootstrap (BIOS/UEFI) firmware.

Your bootstrap firmware also talks on the network - iSCSI boot? PXE boot? NVMe boot (well, hopefully one day really soon)? What if there's a security vuln in one of those boot protocols that needs to be updated? The ability to do diskless (network) boot is a really valuable thing, and if it means one has to update their bootstrap firmware once in a while to handle it securely, that doesn't seem to be a bad tradeoff.

If you think in the context of a home PC or laptop, sure, fine, never update anything. If it's working, it's working, and very likely might not be a need to change (though in the case of a laptop sometimes important things like battery life bugs are addressed in that same firmware). In the context of servers? Manufacturers release updates for good reasons, and it pays to read the release notes and see which updates are important/applicable for a given environment. A default attitude of "we don't update firmware if it's working" is a really easy way to get into really bad places.

there is a difference between an operating system and a firmware

Are you so sure about that? What are the differences? Let's look at a BMC... it runs a "firmware." That firmware is a small embedded operating system with network access, ability to send commands directly to hardware, ability to intercept the boot process, etc. Are you claiming the BMC firmware shouldn't ever need to be updated because it's "not an operating system"? Or, let's take an EFI/UEFI system... again, firmware... but wait.. it runs an embedded OS, in some cases Linux. It can run code, interact with hardware, write to hardware, has network access... what, in your world, makes that less important to get updates than the operating system? Or, what about Intel's ME, which is update via firmware updates? That's another small embedded OS, with network access, ability to interface with hardware, run executable code, etc... should that not be updated when it has a security issue, because it's "firmware, and you literally should never need to update that." Or what about the NIC? It sits on the network, and receives network traffic, and talks to the rest of the system (likely even through RDMA, where it's talking directly into system memory). It has also had vulnerabilities in the past, everything from DOS type issues, to full remote code execution exploits. But wait... that's just firmware, why the hell would you ever consider updating that, just to fix a pesky security vulnerability? Or what about CPUs, surely those shouldn't ever need a firmware update.... unless they were made by AMD or Intel in the last 10 years, and are susceptible to any number of side-channel attacks.

I could go on, but the horse is already a pink mist.

I haven't been to El Salvador, but I've been to Haiti several times. It is NOT a "shithole country." It *is* a country with a lot of poverty and a lot of strife, but also a lot of beauty, talent, and exceedingly kind and friendly people.

It's a country that has been held in an oppressed state, primarily by the French but also by a lot of American democrats (notably the Clintons did quite a number on the country when they "helped"). It's also a country that has been held hostage by Vodou in so many ways it's appalling. I've known of people killing and eating their own relatives because a Vodou priest said that was the way to gain strength; the Vodou priests/priestesses have the strongest hold over the people when the people are kept in a state of poverty, and many in Haiti who have been liberated from Vodou believe this is one of the primary reasons the country is as impoverished as it is (not to mention, again, the French... until very recently, Haiti was paying the French for their "stolen property," the Haitian slaves who revolted to form the country).

Calling Haiti a "shithole country" is likely racist (non-Blacks in Haiti are pretty much a statistical anomaly), but it's most certainly ignorant and bigoted.

You're right, 20,000 is far too low. The actual number if you assume 10 different types of components with 5 potential firmware versions each would be 9,765,625 permutations. Thanks for catching that.

You seem to be wanting to make the same point I made, I think. If a company doesn't test firmware, and simply accepts what the mfg sends them, instead of normalizing to a known set of firmware, their solution is garbage. I've known people who wouldn't update disk firmware even after the manufacturer said "the firmware we shipped has a known bug that WILL kill your drive." Those people have no business being near production systems.

You also mis-read the bit about power supplies... I've seen a PSU bug that throttled the CPU when there was a power blip (think... upstream provider UPS maintenance) and then *kept it significantly throttled* until the server was rebooted. Tell me you wouldn't update that firmware once the bug was found? If your entire datacenter starts throttling at once because the DC provider does a UPS maintenance and your PSUs have buggy firmware, and it stays throttled until you reboot every damn machine, that *IS* potentially a major incident.

What the hell. You literally should never need to update your operating system. Why would you do that?

Oh wait.. because updates are released to fix bugs, including security issues, and compatibility issues, and sometimes even bring features you want to make use of. In the case of firmware, also because some firmware can't be downgraded, and you don't want 20 different versions of firmware running on the same type of component spread across your datacenter, each with its own peculiarities.

I do have professional driver training (rally driving, specifically, along with commercial vehicle), and it has been proven time and again (and is even documented in the user manuals that come with cars) that cars stop better (in a shorter distance) without ABS in certain conditions (most notably snowy/icy conditions). The entire role of ABS is to make it so a driver can steer while braking; it has little to nothing to do with stopping in a shorter distance. If a driver is driving correctly there should be little to no mixing of brake and steering inputs, unless it's adding of a bit of brake to initiate weight transfer onto the front axle, to help get the back end to come around to where it's wanted. In low-traction situations, the steering wheel is a "suggestion input device" and the only real effect of ABS is to nullify the suggestion.

On more than one occasion I have stopped well past the stop line in snowy/icy conditions due to ABS, where I would have stopped easily by the line if it had not kicked in to "help." I pulled the ABS fuse in whichever vehicle I was driving shortly after each instance, and didn't have that issue again.

Right... they're not necessarily that sensitive, but they do need to be tested. If there are one or two baseline sets of firmware to test against, this isn't terribly difficult. If there are 50 permutations of firmware, it's a much larger test effort.

Generating a quarterly list of "current firmware for our platform" and installing it as a tested package makes life a hell of a lot simpler than just throwing whatever the vendor sends you into a production environment and hoping for the best. I've found that when you have a large enough server farm, the edge cases will eventually find you every time.

I used JetBlue to get some guests to my wedding... they have a lot going for them, and if I didn't live in the hub city of another airline I would very probably fly them.

Sadly, if they're buying Spirit, it reduces my options for at least one common destination I fly to (about once/year for the last several years) from 3 to 2. It used to be served by Delta, American, JetBlue and Spirit, but Delta dropped the route a couple years ago. If this goes through, it seems my choices will be down to American and JetBlue, and I don't expect that will do me any favors where schedules and fares are concerned. ...but life goes on, I guess.

Some of them may not, if they don't care about security, or reliability.

In practice, when you manage a large fleet of servers, firmware updates ought to be at least a quarterly thing, if nothing else because it makes your test efforts possible. Do you have any idea how hard it is to do adequate testing of a new version of an OS/kernel if you have 20,000 possible permutations of system firmware? It's not just BIOS one has to be concerned with... it's BIOS, NIC(s), CPLD, storage controller(s), storage device(s) (possibly some mix of SATA and NVMe, even SAS still for those edge cases), BMC, CPU microcode, even power supplies (which yes, in a modern server they have their own firmware, and the wrong firmware can cause big problems - I've seen it, when a brief power interruption cause CPU throttling which continued even after power was restored, and despite the second PSU having plenty of capacity to handle the entire server).

If an "organization" orders several thousand of the same server config, over the course of 2 years or so, and they all come in with different firmware and aren't normalized, it creates endless system management and compatibility headaches.

Maybe it's time to remove most of those "features" from the required equipment list. The only one I have any use for is airbags... the rest I either intentionally disable (ABS) as it's caused me more problems than it's saved me from, or ignore (backup cameras) because it's almost worthless (I can see better using my mirrors, and usually the camera is dirty/fogged up/distorted by rain to the point it's not usable anyway).

Airbags would be trivial to implement by basic electro-mechanical means rather than computer control (in fact, that might be preferable in case of electrical system failure in the car). The rest, rip them out and give me a car I can drive, instead of a car that drives me.

Sadly both are trash (ok, maybe a bit harsh... 'lacking' is a better word) as far as modern word processors go. I used OO almost exclusively through college and for a while after that (early 2000s) and it was reasonably comparable to MS Office at the time. It hasn't progressed much since then though, and when I have tried to use newer versions they're missing half the features of MS Office I've come to like and rely on.

Of course, I mostly feel the same about the Mac version of MS Office when compared to the PC version. Word is ok, but Excel and Outlook on Mac are infuriating sometimes in their lack of support for certain features.

Comcast in Western Washington doesn't really suck - it's what most people use if they're not in an area covered by Ziply, because it's relatively inexpensive and overall it's pretty reliable, pretty fast, and when you call for support you get connected with someone in the local area.

What I DO want to know though, is how the hell it costs $27k to run 181 feet of coax. These people need to go to Home Depot and buy a shovel or two ($10 to $30 depending on quality), some 1/2" plastic conduit, and run a line to the edge or their property or wherever Comcast terminates, then tell Comcast to come hook it up. It's not that hard, OR that expensive.