
Comment Re:Ah, Damnit... (Score 1) 516

Or you have functionally the same car each year with different upgrades, hence Plymouth, Dodge, Chrysler models with interchangeable everything.

One of my clients bought a Ford pickup, then replaced stuff with all the aftermarket Lincoln parts (who knew there were Lincoln pickup trucks!) and now he drives a Lincoln!

Comment Hashes not useful (Score 5, Informative) 324

Seagate is correct. Putting a hash on the website doesn't improve security at all because anyone who can change the download can also change the web page containing the hash.

The fact that this practice is widespread in the Linux world originates from the usage of insecure FTP mirrors run by volunteer admins. There it's possible for a mirror to get hacked independently of the origin web page. A company like Seagate doesn't rely on volunteers at universities to distribute their binaries so the technique is pointless.

A tool to verify the firmware is poetically impossible to write. What code on the drive would provide the firmware in response to a tool query? Oh right ..... the firmware itself. To make it work you need an unflashable boot loader that acts as a root of trust and was designed to do this from the start. But such a thing is basically pointless unless you're trying to detect firmware reflashing malware and that's something that only cropped up as a threat very recently. So I doubt any hard disk has it.

BTW call a spade a spade. Equation Group == NSA TAO

Comment Re: Great, fully owned by Silent Circle (Score 4, Interesting) 59

The issue with Silent Circle isn't their jurisdiction. It's that their code is of deeply questionable quality. They recently had a remote code execution exploit that could be triggered just by sending a text message to their phone. It's been literally years since one of these affected mainstream software stacks, so how was that possible?

Well, they wrote their own SMS parsing code, in C, and used JSON to wrap binary encrypted messages and there was a bug that could cause memory corruption when the JSON wasn't exactly in the form they expected.

The amount of fail in that sentence is just amazing. They're a company which justifies its entire existence with security, writing software to run on a smartphone where the OS itself is written in a memory safe language (Java) and yet they are parsing overly complex data structures off the wire ..... in C. That isn't just taking risks, that's playing Russian roulette over and over again. And eventually it killed them. Remote code execution via SMS - ye gods.

After learning about that exploit and more to the point, why it occurred, I will strongly recommend against using Silent Circle for anything. Nobody serious about security should be handling potentially malicious data structures in C, especially not when the rest of the text messaging app is written in Java. That's just crazy.

Comment Re:Agree??? (Score 1) 86

And thank you for that. I found beta unusable (and unreadable unless I turned CSS off). I'da hated to give up on.... good gods, 17 years I've been here??! the site is older than some of its users!

One thing that comes to mind on this 'new' look is make sure you check how it behaves at very large font sizes (which a lot of low-vision folks do use) and not necessarily an ultra-wide screen. Right now the Search box winds up overlaying part of the top menu.

Comment Re:Is that really a lot? (Score 1) 280

No doubt so, but how about the cost of operations in rough country with poor access, where going in on foot is feasible (witness the illegals crossing it) but patrolling in ground vehicles is not?

Hence I think the real comparison should be: How does the cost of using a drone compare to the cost of using a helicopter in those same areas? I'd guess the drone is significantly cheaper.

Second, how long does it take a drone to patrol, compared to a manned ground vehicle in the same area? What's the total patrol cost per hour for drone vs 4x4?? (Don't forget to factor in the cost of the 4x4 as well as for the drone.) In rough country, a drone (or helicopter) can get an overview in a few minutes, but a ground vehicle might be forced to wind back and forth for an hour to reach the same point (and might still not get a view of the ravines). If patrolling a given area takes the drone ten minutes and the 4x4 an hour, which one is more cost effective?

How does it affect man-hours? The patrol is generally two men, while the drone only needs its operator.

How does all this affect insurance rates on their various equipment? Do reduced hours in use also reduce rates on 4x4s and such? (Certainly it will reduce maintenance costs.)

Lots of factors to consider, not just 'dollars per arrest'. We need to see spreadsheets and balance columns, not assumptions.

Comment Re:Leonard Nimoy is why we have nice things (Score 0) 411

The ginormous geniuses I've met don't seem to consider themselves intellectuals, geniuses, or whatnot. I've started pointing out that I'm a genius after recognizing that genius is a matter of technique, and so geniuses can be made: we can turn roughly 100% of the population into geniuses by proper training, with strikingly little effort. As such, one of my future political plans is to tweak the education system to normalize geniuses, bringing the baseline up to something most people believe is an inherent force of genetic superbrainism. Maybe then people will stop pestering me or, worse, trying to hire me with the justification that I'm smart and they want smart people on their team; they have smart people, if they would just act like an intelligent species.

Now, having understood that the only thing that ever stood in the way of my dreams was myself, I must go learn to draw. I realize now that I can't draw because I've never put in the exact same effort that career artists and famous painters put into the subject, and so never learned to draw; it's not that I can't, but that I simply decided not to. That changes now.

Comment Re:ignorant hypocrites (Score 1) 347

A core dump is two projects: find out what's wrong, fix it. You cannot estimate how long it will take to fix a problem until you know what the problem is.

How are you an expert when you consider a core dump to be a reasonable place someone would try to estimate bugfix time from? You can't estimate until you can plan the work, until you can draw a work breakdown structure and show what must be done. Even projects are chartered with a big budget and time estimate based on "this is 3x bigger than something else, so it takes 3x longer and is 3x as expensive", and then broken down into work that all comes together and says "okay, it's only going to be 2.1x as expensive and take 2.3x as long". That initial budget estimate? It comes from a dozen or five dozen or hundreds of prior projects, all with varying times, so you can say, "Stuff of this size and complexity has a low-water mark of like 5, a high-water mark of like 11, and tends to take more like 7.2" and decide how important the project is and thus if you want to budget for more like 5 or more like 11--and the same goes for the broken down work.

You can't even estimate what a bugfix is from a core dump. Someone brings you a core dump and says, "I need a bug fixed." They may as well bring you a blueprint and say, "I need a house built." Until you open the damn blueprint up and see if you have a 1200 sqft row home or a 4500 sqft Victorian, you have no fucking clue what you're doing, and can't tell them how long it's going to take. Once you unroll the damn thing, you can give them a ballpark estimate by glancing at the paper once; take a few hours to study the blueprints and work out what work actually needs to be done, and you can give them a better estimate.

Comment Re:Simple methodology (Score 1) 347

Then, I recorded over/under for every project and found (over about 24 programmer data set) that programmers consistently overshot or undershot their estimates. So after a few projects, I had a pretty good idea of their deliverables.

Doing it right.

Made worse by the fact the Indian contractors said "I'll do my best" for "no- you are batshit crazy" and then things fell apart when the Indians were unable to deliver.

This is a cultural thing. Asian cultures are strongly hierarchical: you always agree with the guy above you. Never argue. You need to either read the cues or break them of that.

Comment Re:Simple methodology (Score 1) 347

A good project manager uses historical data and the expert judgment of the project team to estimate the complexity of the project and determine the time required to perform the work. This is done in many ways: projects are compared to similar projects and scaled to size for a ball-park figure; projects are broken down into work packages, themselves broken down into activities and tasks, all of which the project team estimates the complexity and time required for, accounting for how long it took them to do similar things; time variance from historical data and current contexts are accounted for, providing a low, most-likely, and high mark (2 weeks in the best case scenario; most likely, based on prior work and known information, 3.5 weeks; some disaster scenarios bring in a 9 week estimate--that kind of lag HAS happened).

The more work is done, the more accurate estimates for budget and time become. Agile projects deliver in phases, iterations, and increments, and so can estimate work later in the project based on risk events earlier in the project--opportunities that cut time and can be exploited to cut more time, threats that cost time and may further cost additional time. In this way, "Historical Information" even includes work performance information for the parts of the project already completed.

It's all probabilities.
