I was assuming it was based essentially on existing digital camera hardware with an extra authentication or signing step at the point the image is written to storage. That's how these products have worked up to now. Of course if the camera manufacturers are investing big bucks in developing a secure system from the ground up, my assumptions are wrong. But I don't see any indication that's what is being offered here.

That's right, I am assuming the connection from the sensor to the rest of the camera electronics is not part of the secure system. I think that's a fair assumption, as CCD or CMOS sensors are relatively simple devices and don't have room or time for cryptographic processing at the moment the image is recorded and read out. Even if not, the point remains that you could leave the electronic parts untouched and just project in the image you want to record.

But you don't have to crack the TPM or the secure enclave. You just have to replace the camera sensor with a custom device that outputs the image you want, and if necessary set the camera's date and time or fake some GPS signals. You could even keep the hardware untouched and use a slide duplicator attachment to make an authenticated copy of any image you want.

For many years advocates of more liberal drug policy have argued that addiction should be treated as a medical condition. And we're always told that mental illness should be seen as just another illness -- you wouldn't stigmatize or blame someone for having a broken arm, so you shouldn't do so if they are schizophrenic.

Well, isn't this the logical outcome? If a medical condition is severe enough to destroy your quality of life, and it isn't curable, then in some countries you have the option of assisted suicide. Why would you refuse that to someone whose condition is being addicted, if that's just another medical condition?

Hmm, you say a roundabout takes more space than a 4-way light *for the same amount of traffic*.

If that's true, it implies that roundabouts aren't that good after all? Since I thought their advantage was handling a higher volume of traffic. Like for example, if you put a four-way intersection with traffic lights it can handle an average flow of ten cars per minute, but a roundabout could take twenty cars per minute. In other words, greater throughput. (I don't know what the true numbers are.)

Perhaps the throughput is the same but a roundabout reduces the average time for a car to clear the junction -- in other words, same throughput but improved latency?

https://twitter.com/GoogleNoDe...

I do remember back in the day Google was known for its contrarian approach. Consultants would tell you that for an "enterprise" data centre you needed expensive servers, redundant power supplies on each unit, RAID on each unit in case a disk failed, ECC memory and so on. But Google decided to get the reliability at the large scale, throwing together large numbers of cheap systems with off-the-shelf parts and if one of them fails, well you just leave it there and use the remaining ones.

Nowdays it's conventional wisdom that servers should be "cattle, not pets". Perhaps in even in 1999 the smart people knew that. Perhaps I am setting up a straw man with these "consultants" who wanted an expensive, gold-plated approach. For sure it would have happened anyway without Google. But this guy did have to swim against the current.

There are companies who do "pay for play" Samba development. You pay 'em and tell them what you want in Samba, and they'll write it and upstream it for you.

Might be more than you want to pay though.

Samba does implement DFS, I wrote lots of the code for it and updated it recently :-).

I think you mean it doesn't implement DFS replication in the same way that Windows does.

Samba is only configured one way, via the smb.conf file.

Runtime control can be done via smbcontrol, but the base config file is always smb.conf.

When using local uses passwords *must* be separate as the SMB protocol and Linux passwords use completely different crypto.

Of course if you want synchronised passwords just add the Linux machine into the Active Directory Domain using Samba's winbind and users and passwords are identical of course.

Samba with an the iouring backend is as performant as an in-kernel version.

See Metze's talk this week at SNIA SDC 2023 in Freemont, CA. for details:

https://storagedeveloper.org/e...

This is completely incorrect.

Microsoft do not concern themselves with what SMB versions Samba supports when considering maintenance. At all.

As it should be IMHO. We match current versions of Windows and only keep SMB1 around in an "off-by-default" state for customers who can't or won't update old Windows / DOS clients.

I hope they market the augmented reality headset under the name of "Reality Distortion Field".