I thought we got rid of all that junk that Jony Ive was producing. Is this is special consultant contribution to unusability?

set ts=2 I like nested loops. A lot of nested loops.

They're replacing fossil fuels? Batteries are energy stores. The batteries could also be used as a store for energy generated from fossil fuels, could they not? The sources of the energy are solar and wind and other renewables, which is great, but I'm afraid batteries are not a long-term solution because of their production from non-renewable sources.

Doubtful that they'll pay much, if any, compensation for this. And then that compensation will only be to people who have the time and energy to follow through to obtain it. All of that ignores the compensation limits which are often less than the customer paid for the ticket. In short, they already have all of the money from the customers and will get to keep more of that money by not performing the service. Even if they pay some of it back through refund/compensation, they have been able to use the money, interest-free, from the time of booking until the compensation is paid.

My experience is that airlines will use any excuse to cancel flights, whether legitimate or not. It doesn't seem outside of the realm of possibilities that they're slow-walking fixes, regardless of recovery method.

The overarching (or underlying) question is whether Google/Android (and Apple) are aware of the vulnerabilities being exploited by Cellebrite and whether they intend to fix them.

When can we just get rid of systemd? Seriously. Yes, I know about devuan, but I'm talking mainline debian and downstream from there. It seems quite obvious that systemd is a failed experiment, architected by people who had little production-level server experience on the platform. If there are elements systemd does well, let's incorporate those back into the standard init system and move on without it.

It's about time that they're ready for production.

I'm not sure what you mean. Could you please explain again?

If this is the case, which I won't concede, exactly how many of the Microsoft tablets are sitting in a warehouse somewhere, only "sold" in order to make the numbers look good?

Actually, I've sort of been waiting for an @aol.com e-mail address to become retro/cool again. Like seeing the hipsters all wanting @aol.com addresses to show their hipster status. Apparently I'll need to keep waiting.

Seems like you're making an assumption that AES itself hasn't been backdoored and that the implementation of the same is also correct, neither of which I would assume. Steve

It's a few days early for the April Fools edition of Slashdot. I'm sure the MIT researchers in question think they really have something here but it would be nice if they would've looked around before beginning their research. It seems as though this system connects to a server which then sends back encrypted data. That data is then decrypted at the local client. And they made a browser plugin for it. How is this fundamentally different than public key encryption?

The performance is horrible. From the Mylar web site, "a 17% throughput loss and a 50 msec latency increase for sending a message in a chat application." A 17% throughput loss and 50ms latency is *huge* for something as trivial as a chat application. Imagine what happens when real data is being crunched.

There are still enough attack vectors that make this a non-starter. First off, the encryption itself is still brute-forceable by a determined attacker with enough resources. Second, it assumes a secure client environment. Finally, it assumes that your adversary plays by the rules and won't inject malicious code or backdoors into the software or encryption, with or without a complicit service provider. The client code can check authenticity? Cute, but only works if your adversary doesn't "require" that the service provider comply with a secret order to say that the code is authentic, even when backdoored.

Steve

I'm doing exactly this. I have a Pi firewall running with three total ethernet ports (the third is a wifi DMZ). I got another Pi and it's running asterisk for the house with a POTS connection via an Obi110. However, based on the load and RAM usage I could be using a single Pi for both. Speed tests show that the Pi performs the same as the full scale computer that it replaced. Check my blog for more details on the firewall rig. I haven't blogged about the asterisk setup yet. Steve

My first question is: Why? Why, if they're both hateful and fearful of change, would they need to change? Why not a newer version of Windows or a Mac?

Users aren't oriented towards their OS, they're oriented towards their tasks. Their typical question will begin with "How do I..." and then continue into "but then how do I...". So your first issue is to determine what they use and how they use it and then find out the best way to solve each of those individual use cases or problems. For example, "How do I manage my finances, I currently use Quicken?" or "How do I upload pictures from my camera?". You need to solve each of those use cases in a sane manner that's easy to use and just as good or better than what they have. Typical users, especially the ones you describe, don't want to spend any more time with their computer than they need to.

Don't underestimate a user's ability to forget things that they do on their computer. Again, they're task-oriented and so they won't necessarily remember that they need a certain program to update some infrequently used spreadsheet twice a year.

Only if you can help them complete their tasks should you switch; you shouldn't switch them to Linux because you perceive it as better; it might not be better for them and then they'll have a tainted view of Linux when in fact the problem was that they couldn't use their silly banner-creation software from 1999 on it.