Here is a 2006 article about the IGT Taxibus concept. It definitely wasn't conceived in Northern California air, but in the UK (circa 2001 IIRC).
The problem was they approached municipalities with the idea and no large cities climbed on board. So now the cities have to face the likes of Uber and Lyft who, I predict, will not collectively reach the scale needed to apreciably reduce traffic congestion (one of the aims of IGT). Combine that with no regulation and a consumer protection model that amounts to Yelp.com, and I'll guess that Uber and Lyft will in 7 years be less of a joke and more of a way to elict negative reactions from people (assuming you momentarily lack the gas to fart).
That's not even a carbon tax. There has been a debate amoung environmentalists whether to support cap-and-trade or a tax, with those favoring the latter pointing out the same dysfunction you have.
However, another poster pointed out that cap-and-trade can be made to work. Overall, I think it depends on both the magnitude of the proposal, and the level of corruption in the political economy
"The government argues the carbon pricing scheme has been ineffective, but national emissions have actually fallen by 0.8% in the first calendar year of its operation, the largest fall in 24 years of records."
Good thing you're not solving real problems. What. A. Fucking. Waste.
It just proves that a carbon tax cannot come soon enough.
Then the criminals will figure out how to falsify the signature with the bad firmware anyway.
Not if the user/admin gets to sign the devices (e.g. when they are initially purchased). Or... why not design the devices to carry multiple signatures (including but not limited to the manufacturer)??
Thankfully, it is possible to secure USB in a less extreme way. An OS like Qubes that can configure devices for automatic reassignment to an unpriviliged domain (i.e. virtual machine) can protect the hypervisor, BIOS, etc. from incidental attachment of malicious USB devices.
Currently, a Qubes user/admin can do this from the GUI on a per-USB-controller basis, but in future will be able to employ Xen PVUSB functionality to manage USB on a per-device basis.
They don't know what's precisely in those blobs, so its presumptuous of Mozilla to vouch for them. Its more prudent to put Cisco's key in Firefox and let Cisco vouch for their own code.
Why should Mozilla use their own key to sign code they did not compile themselves?
I always wanted a backdoor in my browser.
Are they addressing people's problems, or creating gadgets for elite techies? There is a huge ongoing crisis in personal computing because we have an Internet that (understandably) assumes endpoint security, but those points (PCs and mobile) are collections of black-box proprietary chips.
I have recommended running Qubes OS as a way to mitigate the security shortfall created by run-of-the-mill PCs and software, but that leaves us with the problem of trusting hardware designed and produced by a handful of large corporations who are increasingly willing to shaft their customers. Privacy and security are exchanged for maintaining a close relationship with the military-industrial complex (or police surveillance state, depending from which angle you prefer to view it).
In short, open PC hardware should be a priority for the open source community if not the IT industry as a whole. What are open hardware people doing about it?
Why indeed would Mozilla waste their resources on this when stability and security on web clients ought to be their greater concern?
If it were up to me, I would start with self-contained date formats like JPEG that browsers handle frequently, and put that code through a formal verification process. Eventually, maybe even HTML rendering and the browser could be subject to formal verification. This could strengthen computer security dramatically.
"Given the choice between accomplishing something and just lying around, I'd rather lie around. No contest." -- Eric Clapton