
Comment Re:No thinking needed, actually. This is just stup (Score 2) 220

I saw the same shit with spam. I used to receive a lot of backscatter from some spammer using my E-mail address as a fake from address. I received a ton of threats, random DoS attacks, mailbombs, ping-floods, and a lot of stuff because various dipshits couldn't understand the basics about what an open relay was.

The more ironic thing was finding out that before the deluge happened, I got an extortion letter threatening that postmaster and other E-mail IDs on the web from the site would be used as fake originations.

So some business with the absolute bargain-basement IT staff, chock full of bargain-basement novices, is going to decide if a compromised workstation in the receiving department at another company is cause enough to shut that firm down? This would be like carpet-bombing an entire office building because a bank robber ducked into the building's lobby.

Here is where real/virtual separate and analogies don't work: It is not difficult to cover one's tracks, especially with how many botnets there are on dynamic IP address ranges.

Comment Re:What algorithm/primitive? (Score 2) 128

High volume server farms doing lots of web transactions. A 20% addition might mean having to have that many more servers behind the load balancer to handle the algorithm's added CPU load.

However, if it does protect against an up and coming attack, that penalty might not seem as bad compared to a protocol break.

Comment What algorithm/primitive? (Score 2) 128

They went into Shor's Algorithm, ECC, and such... but the article doesn't seem to show what algorithm they decided to go with that is resistant to quantum factoring.

Are they going with something lattice based?

Would be nice to have more details on what they came up with... 20% performance can be important, but what is more important is how the algorithm resists different attacks.

Comment A VM... (Score 1) 95

Probably the best fix for these shenanigans is a VM. Since the VM has no clue what battery status it is running on, nor CPU (especially if you use CPU masking), there is a lot less an advertiser can go on, especially if the VM is rolled back to a clean snapshot after each browsing session.

However, this does nothing against browser fingerprinting (actually nothing really does help here.)

Comment Hasn't this been done before (read P3P) (Score 2) 75

We already had a privacy initiative, something called P3P which fizzled. DNT went nowhere, and this project is probably going to go nowhere as well.

The reason is that there are many, many companies whose basis of existence is to intrude as much as they can on the user browsing a site. If they can inject adware/malware, they would.

Real DNT consists of AdBlock, click-to-play or FlashBlock, then keeping the Web browser separated from anything vital, be it in a VM, sandboxed, or both. That way, LSOs or other "super-cookies" left behind are dealt with.

Comment Re:Meh (Score 1) 75

I'd add a Windows VM, Sandboxie and a VPN onto the list. It isn't as secure as Tor, but it does at least put a speed bump in place if someone is on your LAN trying to do shenanigans.

Eventually, I might put the VM on a vSwitch with a pfSense firewall, so I can set up a router ACL to drop all the bad sites there, but keeping the web browser running as a non-admin user and in a sandbox will do a lot, and if there are some API calls that the sandbox program doesn't catch, it still has to get out of the VM.

Comment YouMail does this quite well... (Score 1) 70

I've been quite happy with YouMail for exactly this. It not just transcribes messages, but allows you to save the voice mails, not to mention ditch problem callers, either those on the robocall lists or people you don't want to deal with.

Plus, it can play a different voice mail greeting per caller if you want.

Of course, this works regardless of phone. If I'm using my iPhone, it works. I swapped the SIM to my HTC device? Still works. No platform lockdown.

Comment Re:DMA (Score 1) 119

This is an issue of "won't", or "not worth bothering with" as opposed to "can't". What it boils down to is the "security has no ROI" philosophy. If a machine gets hacked? The maker can just throw up their hands and say the bad guys would have gotten into it anyway. This seems like how the entire IoT ecosystem is designed.

We started down that road in the 1990s, as PCs went from being in physically sturdy, secure, lockable cases with real locks (Medeco, not just those four-pin cylinder keys), to machines that don't even sport a Kensington lock slot.

Companies can make secure products. It took five years for the PS3 to be cracked, and the latest generation consoles are being attacked by the world's best and brightest, and still not even a mention of a break has been seen. Satellite piracy is at 0% now. Even speed-hacking in WoW has been effectively stomped out.

If just a little bit of effort was put in, such as only allowing firmware to be flashed with signed packages, and enforcing that on the device itself, this wouldn't be an issue.

Of course, keeping malware away from hardware is a solved problem. Maybe it is time for all computers to have a built-in hypervisor and run everything in VMs, which provides isolation from the hardware, and keeps firmware flashing attacks from happening.

Comment Re:Maybe someday (Score 2) 119

I'm reminded of the "frozen" state with hard drives where the only time one can set or erase a password with them is just after boot, and before the OS loads.

Maybe this should be passed to other devices as well? UEFI or the BIOS passes the same "freeze" command to all devices on the machine, which makes them ignore any requests for firmware updates until the machine is powered off. This way, upgrades are doable, but it takes the user doing something specific to do them.

As an added bonus, the upgrades would be doable via iLO, so this would be a hair-puller for the enterprise.

Comment Re:HAHAHAHA! (Score 1) 231

In Texas, one can be self-insured by ponying up a $55,000 bond to the state, or posting a bond that a lien can be placed on one's real estate.

Honestly, I'll just take the insurance. $55k isn't a lot, relatively. Tap a car, and that is often less than the medical bills of the driver + the vehicle (which likely would wind up having to be replaced.) Plus, insurance companies provide lawyers while without them, you have to provide your own and fight all court cases yourself, which can be a major time waster.

As for insurance and autonomous cars, I would be genuinely surprised if rates drop, mainly for one simple fact: The first gen of these vehicles will need to have a manual override, especially for vehicles that go into rural areas or on farmland. So, insurance on those will stay the same. Vehicles only used in cities, and subsequent generations that never require driver interaction? Who knows. I wouldn't be surprised to see rates dropped, only to be raised on some other facet of life, such as health insurance.

Comment Re:How timely... (Score 3, Interesting) 92

SPARC and POWER still have a place. There are some computing tasks that can't really be split up among multiple nodes, so they still require gigantic CPU requirements. Usually this is related to legacy databases which cost less to keep on the legacy architecture than spend the time to try to move it to PC clusters.

Another use for SPARC and POWER (and to a lesser extent, ARM) is security applications. In theory (and this is theory, mind you), if another F0 0F bug is found on the x86 platform, perhaps giving attackers remote access to ring 0, having multiple architectures will help mitigate the effects of it.

Of course, with SPARC and POWER, virtualization is an integral component of both platforms, and for some tasks, it just might be the case that slicing off a lot of LPARs and zones may be cheaper than buying a lot of PCs and using a VMware cluster, due to the license fees involved.

Comment Re:Electric is Evolution. Driverless is Revolution (Score 1) 904

Light rail does make sense, but the problem (especially here in the US) is getting right of way and having it be placed where it is the most usable. For example, Austin has light rail proposed every few years... but it would only connect the most affluent communities to each other, doing no benefit where it is truly needed. The places where it could do the most good to alleviate congestion, it never gets proposed, just because there are not the lobbyists to drive it forward.

Comment Re:Doubtful (Score 1) 904

Depends on area. Here in Austin where tenants actually are forced to bid for their rent price when their lease expires, just having an apartment for under $2000/month is a nice thing.

Until the economy tanks and apartments are extremely desperate to find renters, I really don't see EV charging stations going mainstream. Some "luxury" apartments, sure... it is a good way to have a reason to raise rent. However, there just isn't any incentive in this economy (which belongs to the landlord, especially with mortgages being so hard to come by for most people) for anything to be added to an apartment except more fees.
