what has been done when some rogue government agency demands all of there "analytics" under some secret warrant or fishing letter.
TFTFY
Just because I'm 40 years old and can't run an iron man anymore....
"anymore"? Dude this is Slashdot, 99% of us couldn't run down the road, pictures or GTFO.
...they may have made some implementation faults that will allow an attacker to falsely keep their checks happy while still modifying boot files.
Well that to.
The key is probably only useful for signing firmware, probably only for this vendor and possibly only for this chipset, maybe even a single main board.
TFA implies it was for "Ivy bridge" so yeah probably tied to chipset, maybe multiple boards but the point is they've demonstrated something arguably close to gross incompetence, misplacing source code is careless, misplacing the signing key is a different league. This is a commercial product how hard would it be to have the key in two parts, held by two individuals on the dev/release team?
This system is built purely on trust and its gone, I mean, yeah "I'm sure they'll be more careful next time" but sarcasm aside there's no real way for them to demonstrate that.
The truly paranoid might even point out that if someone with the means found the FTP server first they could already have trojaned AMI's build servers (running AMI bioses no doubt) with a root kit tainted bios that produced new tainted bioses during compilation and lo' all AMI bios forever after are hence tainted in a never ending FUBAR circle of doom!!!
With three entire exclamation marks and all assuming it's genuine.
search-solely-for-profit [rather than search-for-general-utility in the economic sense] eavesdroppers in the middle of Kings Cross
As opposed to the tax spending eavesdroppers over in the middle of Vauxhall?
Yeah, except until Red Hat spots Canonical making in-roads on their business model and then squishes them...
http://www.trendcaller.com/2009/02/canonical-half-as-revenue-efficient-as.html
To be fair I'm probably a Red Hat fan-boi, I respect what Canonical are doing but... I just can't see how their going to make it work in the long run.
I would say at your parent's house but this being slashdot that's probably not offsite.
"Actually, BT is probably in bed with the people who actually run the country"
TFTFY.
On an only sightly less cynical note, you have to wonder if "the current government" are (as a conceptual entity rather than the specific case we have at the moment) any better at administering such a large/long project than a benign coperate monopoly (if such a thing exists)?
Exactly, that describes London to a tee.
"Uban sprawl" - Since about the 17th Century (http://en.wikipedia.org/wiki/Great_Fire_of_London#London_in_the_1660s)
Painfully expensive - Check
Traffic congestion - Check
Smelly - Check
Noisy - Check
"soul-crushing" - Can be
Restaurants, shops, galleries, theatres, sports venues - some of the best in the world.
Boring - Nope
I'm afraid the 1st of April has been and gone.
The only benifit to the population at large in this entire exercise is that we now have the names and addresses of the people stupid enough to pony up ~$180,000 for an almost certiainly pointless TLD. 419-fodder if ever there was any.
http://www.youtube.com/watch?v=fLegSgWi0cI
March of the Gladiators (Circus Clown Music)
Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (5) All right, who's the wiseguy who stuck this trigraph stuff in here?