And defeated by something as trivial as snow.
Where a human driver will estimate where the road is, and blaze a new trail.
No, excluded implies that steps or barriers were put in place to prevent them from participation. That is not the case here.
It may be news to you, but in many countries the population is far more homogenous than where you may be, and in some of them, black people are few and far between. That no black volunteer students participated is not due to exclusion but because of there being none to exclude.
Can you point at just one "black participant that was removed from consideration"?
In other news, they did not exclude any Sami or Maori students either.
Your dad said the same thing about flying cars.
Ubuntu's phone OS has one extremely attractive feature that if adopted by microsoft and working with intel could make for an absolute winner of a phone. What I want is to be able to get a functional and attractive smart phone, plug it into a dock and have a fully fledged computer, with a desktop keyboard and mouse that I can installl intel standard windows software on. It would require intel to pick up their game, but it would be awesome. Not a cut down RT nonsense windows that forces me to use a reduced catalogue of windows app, but a full blown windows OS with all the bells and whistles. Note, Apple could do this too, as I'm probably more comfortable on a mac than windows these days.
Is the general attitude of the public simply not giving a shit. This is currently front page news in the New Zealand Herald but it'll quickly be gone and forgotten, and nothing will change.
What is the deal with the general public's apathy when it comes to NSA/GCQH/GCSB/etc ?
Are we really at the point where it's too late to do anything about this and just admit defeat?
When was the point where it wasn't already too late? I think any of us still breathing must honestly answer that time was prior to our birth. If we ask our ancestors the same, they'd answer the same. If we asked them to ask theirs...
If someone gains root, they can swap out the on-disk boot image that contains the kernel, and wait for someone else to reboot it as part of normal maintenance.
Assuming there isn't something that prevents the boot image from being replaced. See my other, more extensive, comment in this thread.
Linux certification, not Linux skill.
The two may have a correlation larger than zero, but not much larger.
Um, no. First of all, there is no indications that they excluded anyone. The study was done with volunteers, and presumably with the students they had available at the Italian university.
Secondly, it's not clearly "black vs white" - the situation was "white vs anything else". Black was not in a special situation, vs. brown, red, green, blue or anything else not white.
From what I can tell, the study notes a racial bias. That does not prove or preclude racism. The bias can have other causes, but this study does not tell us.
But what you're saying is that rebooting is somehow a magic cure-all that guarantees the system isn't infected somehow
Don't be condescending. I'm not saying rebooting is a magic anything.
Whether or not this matters depends on the threat model and why the attacker is interested in patching the kernel. For example, one purpose would be to disable other kernel security features, such as SELinux, or dm-verity. Most SELinux rules are configured and the configuration can be altered by root, but some are compiled into the kernel and can only be modified by modifying the kernel. Altering the persistent kernel image may not be possible for a variety of reasons (read-only media, SecureBoot, etc.). In addition, in security-sensitive and mission-critical contexts an unexpected reboot may well be noticed.
I don't understand your assertion about SecureBoot. Are you referring to some known vulnerability of some particular secure boot system? Given a decent implementation of secure/verified boot, an attacker should not be able to convince the system to boot a modified kernel image, which means that run-time modification of the kernel is the only option if the attacker needs to bypass some kernel security enforcement.
In general, the security model of a high-security Linux system assumes that the kernel is more trustworthy than root. The ability for root to modify the running kernel invalidates this assumption, which most definitely is a security issue.
In the context of a system without mandatory access controls there may not be any reason to care, since once an attacker has obtained root there probably isn't any limit to what he can do.
It's no more a risk than current patching that requires a reboot, except that you don't have the downtime of a reboot.
Sure, if your concern is error, rather than malice. An attacker who gains root could use this to dynamically patch a backdoor into the running kernel. Rebooting the machine would potentially enable someone to notice.
As another poster noted, though, you can already dynamically patch the kernel for malicious purposes by loading a malicious module, assuming that hasn't been disabled. In contexts where security is crucial, I would disable both dynamic module loading and run-time patching.
I assume the communication companies were handing over a lot more than the NSLs can demand in the spirit of cooperation and that is why the retroactive immunity was necessary
The GP wasn't suggesting that excessive data was handed over, he said that an NSL could be used to demand installation of a backdoor. If I were a vendor, even one who really wanted to be cooperative, I'd balk at that, because the chances of something like a backdoor being discovered are too high. It would be actively sabotaging my customers, and not just to the NSA... a backdoor can't distinguish between users, it lets in anyone who figures it out. And, of course, if the existence of the backdoor were published it would do serious damage to my business.
Even companies who want to cooperate are going to be reluctant to do potentially business-destroying favors for the government. There would be a great deal of incentive to fall back on the law and refuse on the grounds that the law doesn't authorize such requests.
I'm skeptical that an Android device would survive running flat out for two years to crack a PIN. The heat and battery life issues I experienced when I tested it demonstrate clearly that mobile devices simply aren't designed to run full-speed 24x7.
Also, it should be pointed out that the attack I described is far from easy to carry out. Among other things, it requires dumping the contents of flash, which basically requires removing the flash chips from the mainboard without damaging it, then either putting the flash chips back or installing new flash, then the device must be unlocked, a custom, hostile OS flashed, and finally the attacker can start the multi-year process.
Note that the 630-day figure I cited is on average. It would take twice that long for a guaranteed break.
Finally, if you add one more character to your passcode (7-character alphanumeric), the crack time jumps from 630 days on average to 124 years.
I agree that Lollipop FDE still needs some improvement, but it's already quite good.
If you're a climate scientist who says there's no Anthropogenic Climate Change, there are lots of Fossil Fuel groups that will shower you with money - much like Tobacco companies would to any Scientists that said Smoking doesn't cause Cancer.
And predictably its often the very same "scientists" who where tobacco "experts" in the 80s saying that tobacco is harmless who now are "atmospheric scientists" claiming that CO2 violates physics and doesn't heat up when exposed to infrared light.
Agree 100%. Cheer-leading for SJWs makes me sick. But, it makes sense. Many people have trouble seeing consequences past the next 30 seconds. Pretty scary, isn't it?
Is this ever expanding definition of "SJW" now including protective fathers pissed off that creeps are harassing their daughters?
Well I guess I'm an SJW then, because anyone hurts my little girl and I'll put a bullet in their head.
Math is like love -- a simple idea but it can get complicated. -- R. Drabek