Comment Re:Go back in time 5 years (Score 1) 581
I eagerly await ls.service, cat.service, grep.service, etc. No point in having all those separate tools around when systemd can do it all!
I eagerly await ls.service, cat.service, grep.service, etc. No point in having all those separate tools around when systemd can do it all!
I use telnet plenty great for connecting to a tcp port and debugging. It's a horrid thing to run as a service and allow people to login etc.
Yeah, the client comes in handy at times to connect to port 80 and 'handcraft' a http request to see a response, etc... but running a telnet server/service on the machine? Especially on a "security" device?!?!? C'mon... that's just ludicrous in all kinds of ways.
Two things. One, the cloned FTDI subcomponents are in and of themselves essentially indefensible. The notion of "unclean hands" absolutely applies here. Two, that notion further applies to the manufacturer who included the cloned subcomponent in their product. To use a car metaphor, if a car is supposed to use a Bosch-made airbag sensor that has been well-tested and proven to be reliable, but the manufacturer instead knowingly uses counterfeit sensors, they open themselves up to enormous risk in any situation where the reliability of those counterfeit sensors has been called into question. They cannot rely upon any of the due diligence that Bosch has done, nor can they point to Bosch as being at fault. Furthermore, even if they point to the counterfeit manufacturer as being at fault, they themselves end up taking on some of that blame as well, for knowingly having included their product in their car.
No question about the manufacturer being at fault, nor can Bosch be sued for the failure of something they didn't make if it fails in a collision... except if Bosch releases an update 'firmware' for the vehicles that then sees your counterfeit airbag sensor and disables it from functioning at all even though it actually did function (although perhaps not to spec) and might well have saved your life in that accident that, because it didn't function at all due to Bosch's actions, wound you up with a crushed chest, minus one lung, and unable to ever walk again. It would probably be pretty easy, in that case, to prove that while the device may not have been up to spec, it might well have prevented damage that wasn't prevented because of Bosch's actions in totally disabling the device.
They didn't destroy anything, the fine summary is wrong. They temporarily and reversibly altered a writable configuration area to prevent the malfunctioning device from further malfunctioning.
Agreed, however to most users it will seem 'permanent' - and regardless, FTDI would still be potentially liable for other damages as a result of them modifying the device into an unusable (even if temporary) state. What if I'm a self-employed contractor with some critical work for a customer on two (for redundancy) external USB hard drives... that happen to have fake FTDI chips? Suddenly I update my driver and both drives stop working - even on other machines that didn't get the driver update - and on the day when I'm supposed to submit my $50K of billable work to the company, for acceptance/payment? Suddenly I've lost business, income, reputation, *and* probably future business... how much is that worth, and is FTDI liable for disabling devices that, unbeknownst to me, had fake FTDI chips, without even warning/notifying me that the devices weren't acceptable for their driver and letting me disconnect them or refuse/downgrade the driver update?
The import of a counterfeit product into the EU carries a fine up to 10k Euros / item. People bringing back fake Rolex watches were hit with a fine higher than the price of the genuine thing. Just saying...
Perhaps, but if I buy a watch off a guy on the street with a long trenchcoat filled with watches, I'm not 'importing' anything, he did (or perhaps his supplier).
Nobody could complain if they simply went and made their driver incompatible with the forged chips. If there is no working driver, then the customer would have to complain with the original maker of the hardware and demand a working driver. That's quite within FTDI's rights.
The point is that they attack the firmware of the device involved, which is by no accounts ok anymore. This isn't locking out a competitor, it's destruction of a competitor's hardware. Yes, that competitor didn't act correctly by trying to get a free ride. No doubt about that. By that logic, though, it's just a-ok for any printer maker to trash the printer (e.g. by hosing it with printer ink) should they detect that you use anything but their overpriced original stuff.
We are clearly in agreement here except on a single point: changing the PID is neither attacking the firmware nor damaging the hardware. After a PID change, the hardware (and firmware) is still functional -- as long as either some driver can recognize it or the PID is reset to a valid ID.
It may be that FTDI was unable (or unwilling) to find a way for their driver to stop supporting the counterfeited chips, so they just removed the mask (the PID) on the chip that claimed the counterfeits were genuine. That's not damaging the hardware or the firmware, merely modifying an embedded setting.
All that said, FTDI's actions were not appropriate -- and they will likely end up paying for it in the court of public opinion. However, FTDI's driver did not damage or harm the chips themselves -- and they certainly weren't (as some here have claimed) "bricked."
Regardless of whether they were permanently 'bricked' or not, your initial comment was about 'technologically ignorant users' somehow 'requiring' them to support the fake product - the driver can simply refuse to work with the device.
Now, however, you take that 'technically ignorant user' who went out and bought say 3 x 4GB USB dongles that happened to have fake FTDI chips in them, unaware of that fact of course, who then copies his business critical data, say 3 years worth of work, onto all 3 of them (for safe keeping)... then his machine auto-updates his driver (because, again, he's a technically ignorant user) and suddenly he can't get to his data... in fact, again, technically ignorant, he tries all 3 dongles (if the first one fails, try the backup(s) right?).
Now, he can't even take them to another machine that maybe didn't get the driver update, or a Linux machine without the proprietary FTDI driver... sure, it's 'fixable' by him say paying an IT geek (a non-technically-ignorant person) to reprogram the USB ID, but that's a cost he is incurring because of what FTDI did to his devices. And that isn't to mention that perhaps he needed that data to bid on a potential $million contract with someone, on a deadline that he's now missed because of what FTDI did to 'damage' his devices.
He most certainly, if it can be proven that FTDI is *deliberately* breaking (even temporarily) the devices in question, has a good case for damages from FTDI.
They have every right to have thier drivers detect the non-genuine parts, report them and refuse to work with them. Bricking them is clearly causing intentional harm to equipment they don't own. Never excusable.
Agreed. I'd have no problem if their driver reported it as unusable/illegal hardware and refused to work with it. Bricking my hardware is just being vicious to me, the customer, that possibly unwittingly purchased the device - and that kind of policy would make me want to avoid FTDI products in anything I own, real or 'fake'.
But one thing I would very much like to know is how this rootkit got installed in the first place. There's nothing about that in TFA.
That was my question too... how did it get there? I mean, kernel modules don't just magically appear and install themselves...
its always funny to see these posts from AC, no one has the balls to make such idiotic claims with their real names
If you think this is R vs D and not The people vs The government, i got a bridge to sell you.
Even if nixon started it, you have had how many democratic presidents since him? I mean, if the democrats REALLY wanted to end it, they could have. be it carter, or clinton, or now obama. But no. they dont only not stop it but they expand it.
When will people wake up and realize that voting for an R is the same as voting for a D, maybe not in the short term, but the long term as shown this to be the case
Well said. These days it's also about inside vs. outside; those with access to government and those without it. Or maybe ultra-wealthy vs. everyone else.
Your owners don't want it to change, the need more surveillance lest the slaves get restless and think of uprising.
unfortunately, no matter what your principles are, a pile of cash is a pile of cash. it has the magic power of a pile of cash. once cyanogenmod gets its pile of cash, we'll once again be looking for alternative roms.
Sad but true. It's a shame, becuase cyanogenmod has support for a lot of older phones that the phone manufacturers don't really support anymore.
2) You're clearly confused about what "lethal" means. Something is "more lethal" if it is more capable of causing death, not because it has actually caused more deaths, and it's a fact that Ebola is significantly more lethal than even the 1918 Spanish Flu, which is widely regarded as being one of the worst (50-90% mortality rate for Ebola vs. 10-20% mortality rate for Spanish Flu). Surely if you're on Slashdot you've heard about the LD50 for various substances and whatnot? The "L" stands for "lethal". It doesn't mean that that substance has killed more people than another substance. It just means that it is capable of doing so.
Exactly. An atomic bomb is far more "lethal" than an AK-47, but far more people have been killed by AKs because they are far more common and used. Which would you rather take your chances against (if those were your only options)?
Lets simplify this - you're looking to buy a new car, which would you rather buy...
Car A is a commonly available car that only occasionally (1% of the time) gets into lethal accidents due to icy roads, traffic (other cars), etc, but overall statistics say you could probably drive it for 20 years ("into the ground") and never get into an accident.
Car B is a rare type of vehicle, but frequently wheels fall off or the steering system fails and 50-80% of the time the accidents are fatal.
So you are saying that because tens of thousands of people choose car A it is more dangerous than car B which maybe has only had a few thousand deaths due to it's rarity?
Tens of millions of people get the flu (of many variants) each year, and many thousands die from it - but in general it is mostly the very young or elderly who don't have the immune systems to fight it off
That depends on what strain of H1N1 you are talking about. It's not a single virus and at times it has mutated into strains that are much more lethal. The pandemic in 1918 was notable in part because it tended to affect young healthy people. Epidemiologist don't worry about ebola too much. They worry a lot about pandemic influenza or Vancomycin resistant staph-aureus or any number of other diseases that are much tougher to contain.
The flu kills a tiny fraction (less than 1%) of those who contract it...
But it infects FAR more people. 1% of a very big number is a bigger deal than 50% of a very small number. The chances of you or I contracting ebola is a good approximation of zero. The chances of your or I contracting some strain of influenza is actually quite high. Worrying about ebola is kind of like worrying about a shark attack. Scary but absurdly unlikely to actually occur.
I was talking about the flu, in general, not H1N1 in specific (there's lots of flu strains around).
That being said, I'd take getting "infected" with the flu every year (I rarely get it) over getting infected with ebola even *once*. I stand a 1% chance of dying from the flu, even getting it every year for 3 decades I've got a pretty good chance of still being alive. I get ebola once, and I've got 50/50 odds or *less* of being alive in 3 months.
The current ebola outbreak is a serious issue but it isn't what keeps epidemiologists awake at night.
Yes, this, however should Ebola ever mutate into an airborne variant, watch them freak out
You're talking the virus evolving (mutating) into a new variant.
This is Texas, evolution doesn't happen there.
Can you give us a cite?
If I understand correctly, while there have been about 150 doctors and nurses who have died from the disease, none of them were wearing protective suits. In fact, all of them were working in 2nd tier clinics. All of these clinics had poor to no infection controls in place. Nobody has died in a major hospital which had infection controls in place. This strain of Ebola is not airborne – yet.
Actually I think some of those were wearing some protective gear... but Africa is a hot climate. I was reading an article recently from a doctor there who commented how hot it gets in that gear, and you struggle even after an hour or two not to be wanting to 'wipe your brow' because of all the sweating you're doing in the suit (eyes, nose, mouth are vulnerable spots for contamination). And that was someone in the full-on "bunny suit" (totally sealed) - you can imagine the people who we've seen pictures of with only a 'riot helmet' face protection with a N95 mask under it and a Tyvek gown. And of course every time you walk out of the containment area you have to be disinfected...
I've noticed several design suggestions in your code.
