I downloaded and created a 64-bit install DVD for a test system which had Windows 7 Pro 32-bit because I was planning to switch it over to 64-bit anyway. Obviously this requires a clean install.

Turns out that to activate, you MUST do the upgrade from an activated Windows 7/8/8.1. Apparently that will register the hardware signature for the activated Windows 10 on Microsoft's servers. After you've upgraded to Windows 10 that way, you can then go back and do a clean install if desired - because that hardware signature is known it'll activate on its own after the clean install, or at least that's how I found it described.

I was just glad that I had the Windows 7 Pro SP1 64-bit ISO handy - I ended up reinstalling that, activating (had to call in, when they offer you the smartphone option, TAKE IT), never even installing updates, then installing the upgrade immediately.

First and easy to miss given the title, Part 101 applies to UAVs (Unmanned Aerial Vehicles, under 25kg) and RPAs (Remotely Piloted Aircraft, over 25kg). Drones just happen to be the currently trendy version, but it applies to all sorts of model aircraft. It's also not new - this has been in the works for months so those interested in it shouldn't be particularly surprised.

Second, the "license" (Part 102) is an Unmanned Aircraft Operator Certificate and in addition to the fee requires applicants to "provid[e] evidence they have conducted adequate risk assessment and developed a risk management plan." This does not strike me as all that unreasonable.

Organized flying on private land is still perfectly viable (e.g. a flying meet - it's private land, if someone shows up who doesn't want UAVs around, the owner/organizer can request/require that they leave the private land). Casual flying in public parks, etc. becomes more of a problem, but serious flyers who've bought or built good rigs are also more likely to be folks who can pony up for the Part 102 license. Links to a bunch more information and the actual CAA rules are here: https://www.airshare.co.nz/rul...

"Those are some nice hinges there. Be a shame if something happened to them."

Portable external monitors have been around for some time, with USB power and connections though some may have HDMI or VGA inputs available. They're not terribly expensive, the cheapest 1920x1080 I saw on a quick look is under $160 for a 15.6" USB-powered one from ASUS but there are other manufacturers. 720P ones are available for under $100.

If you have an appropriate tablet, there's also some software that will let you use an Android or (I think) iOS device as an added monitor either via WiFi or USB connection. My easiest and cheapest external monitor would be an old Barnes & Noble Nook HD+ with CyanogenMod on it - 1920x1200 on a 9" screen connected via USB, and I suppose I could try to fabricate a mount for my laptop to hold it...

The regular safety measures weren't in place because they were installing the systems, so most likely they had people working on different things and someone started testing their piece without realizing it was already connected.

The more significant thing from a Slashdot point of view is that Financial Times writer Sarah O'Connor tweeted about it yesterday which coincided with the release of the new Terminator movie and it blew up into a somewhat inappropriate (someone did die) Twitter storm of SkyNet jokes.

I suspect that this is a regulatory issue related to the fact that they treat those cards as field-replaceable items. Since almost all of the cards used are going to be wireless adapters linking into the built-in antennas, they may only be whitelisting cards for which they ran testing.

I got burned by this trying to switch someone with cheap ThinkPad Edge systems over to 5GHz - turned out those cheap systems were sold with no choice of wireless, so the whitelist was very short. We ended up replacing some network infrastructure instead.

Not sure what they're doing on the current line, but my T430 has 4 levels: off, low backlight, high backlight, screen-mounted light.

I use the backlit options all the time, don't think I've ever done much but blow past the overhead light though.

I haven't dug into the details, but I suspect it's more "It only happens when the phone checks for a keyboard update and the server tells it there's one available."

The problem in that statement is if it's "the server" not "Samsung's verified server." If the signature on the downloaded file isn't verified but it's checked and downloaded only over a secure connection to a valid server then I'm less worried. If it's checking over a secure signed connection but downloading over an insecure channel that's a problem anytime they update (since the download can be MITM'd). If it's checking regularly in a way that can be spoofed, then this is a huge huge issue because any compromised / malicious open WiFi hotspot could be MITMing the check and download.

Of course, it's not like there are a lot of Samsung devices out there. They have a pretty small share of the market, right?

Swiftkey has a checkable option under "Customize" in their settings for "Show a number row in all layouts."

It also has options on larger screens to include a numeric keypad, not sure exactly what the settings are for that though.

I strongly suspect that if they're doing this kind of wholesale replacement they're going to be doing a lot more hardening of it, particularly in terms of communications between sites, etc.

They know the current system is infected, that they can't clean it (because they can still see signs of the active infection), and that effectively they're reduced to paper or ad hoc replacements to avoid using the infected system.

Given a choice between A) work with it as-is B) Let separate groups that can't do "A" come up with their own separate workarounds or C) Replace it all, probably leaving out all the "we can't block this because of X, Y and Z" since X, Y and Z are all being replaced.

In some ways it's almost like reinstalling your entire OS every year or two to clear out all the cruft, it's just on a much larger scale.

Because at the end of one expenditure they have an aging computer and at the end of the other they have something if not new then at least much newer.

The end of Windows XP was a great example - I had customers who still had some XP boxes that were perfectly capable of running Windows 7 - PentiumM/Core/Core2 systems with 1-2 GB of RAM, etc. Adding RAM and purchasing a license for Win7Pro for those then installing, updating, installing software, etc. for 1-3 PCs per office wasn't something I could recommend to customers even though the end result would have been the same cost to them as just getting a new or off-lease machine preinstalled with Win7Pro. The cost to them would have been pretty comparable in either case, and the benefit to me in billable hours would have been higher for upgrading, but it's not something I'd do to my customers.

Think of it as the equivalent of fiduciary duty.

SURELY there is somebody who has enough knowledge and skill to do it

Absolutely there are people who could find all of it, and it may be possible to build or find a combination of tools to address all of the possible hiding spots they're able to think of. The problem is that those skilled people don't scale. As for the tool suite, while someone's attempting to assemble it, someone else is working hard at evading what's going into the suite - and even if they do put something effective together fast, how much confidence will there be that it actually got everything? It's like running a hastily cobbled together antivirus package on an already-infected system.

XKCD 1425 is actually somewhat relevant here in that a cleaning solution is that research team project, but Germany doesn't have the time to wait for it - better to EOL some equipment 2-5 years early and replace it than to wait for a solution that won't be available until have of that equipment would be EOL anyway.

And frankly, it's like something I tell my customers probably too often for my wallet's good: "I can fix it and I'd love to have you pay me to do so, but it's not worth you paying for my time to do so when we can replace it for around the same cost."

I can see why they'd be considering wholesale replacement, but I'm not sure it's going to be good enough for a long-term fix because of A) the scope of the problem and B) replacements that still have vulnerabilities. If the intruders have the level of access, time and resources that it sounds like and it's a "state sponsor" with substantial resources to dedicate, then they may have infected some systems at a hardware level that would be almost impossible to root out or detect.

Some of the things that might be compromised and difficult to detect or clean if detected would be hard drives (BIOS), network equipment (firmware in managed switches, routers, access points, etc.), printers and copiers (firmware, plus internal hard drives in some cases) and any other "appliances" on the network that are really special-purpose computers just like the items I listed above. Those "appliances" may be NAS devices, document management servers (some of which have been sold as turnkey solutions but which probably run Linux and some proprietary web and services software), HVAC systems, almost anything.

My best computer is a Lenovo T430 with a 1600x900 display, a 250GB Samsung 840 EVO MSATA SSD and 12 GB of RAM, plus a docking station for ease of external monitors. More than enough for almost anything I'm doing, though I've occasionally regretted not spending the extra $50 for upgraded graphics.

It does the job, but for 90% of what I'm doing I don't notice a huge difference in speed between that and a Thinkpad W700 with some level of Core 2 Duo. I figure at some point I'll drop $60 on a 120+ GB SSD and jump the W700 to 64-bit Windows, then see even less difference (Linux isn't a good option with the ATI switchable graphics in that generation).

My best non-portable is a venerable Core2Quad running CentOS that I need to get back up and running as a secondary Crashplan destination server.

Are these exciting? No, but they do what I need them to and if one dies or walks away it's easy to get back up and running with relatively little fuss due to backups and disk encryption.

That's what we're going to be doing with a few 2003 servers, all but one already running as VMs and that last one likely to be converted in the next month or two.

These are systems that need to be kept around for reference, old EMR or practice management systems where it wasn't feasible to export all data for import into a replacement system. Heck, in at least two cases I know of practices expressly deciding to not even migrate patient lists from an old billing/practice management system into a new EMR/PM system because the old system had data going back into the late '80s from physicians who'd been retired for 15 years on patients who'd not been seen in at least that long.

I fully expect that these systems will be kept around on life support until the expiration of the time period for which those records need to be kept. Records for any patients who have contact with offices now are exported (well, dumped into large PDFs) then imported to the new system, but in general I expect these systems to be alive for 10+ years from the date of switchover - fortunately we're not dealing with this at any places that see minors, and the number of disabled patients is small enough that their records (which may need to be kept permanently) can be PDFd and migrated.

Sure keeping the old system around is an expense, but it's still cheaper than going to the vendor of the abandoned EMR system for custom development of something to bulk-export records for thousands of patients - assuming that said vendor still exists. Paying tens of thousands of dollars for upgrades to disused systems just to get them on a more modern OS also isn't going to happen.

Unless you have deep philosophical reasons to never ever run Microsoft software, for almost any cutting-edge hardware youmay be better off just running VMWare (Workstation or Player) on Windows, then running your Linux within the VM. You may lose convenient access to some features, but you'll also get the advantage of better hardware compatibility and with most usage you probably won't much notice the performance hit.