As did the kid in this instance. It's not like the father broke into his medical records or installed a spy camera in the doctor's office. He came to know about it by entirely above-boards means.

Part of the weirdness here is that some folks have gotten the idea that in life, if you tell a person something in confidence they have a legal obligation not to tell anyone else. I have no idea where they got that idea. It is certainly wrong to betray someone's confidence like that, but the law doesn't exist to punish every social betrayal.

Revealing that someone is transgender is relaying details of their private medical history.

Well, I guess it's illegal in Canada, but I'm going to tell you right here that Angelina Jolie had a double mastectomy because she is a carrier for BRCA.

It wouldn't be surprising if there will be some demand for bite-sized physical machines from people who think that they can't assume hypervisors will be security boundaries; but I suspect that getting actual improvement will be harder than it looks; especially if you aren't willing to sacrifice convenience:

VMs are, certainly, in no small part about utilization and economies of scale: until you get to the point of systems 'big' enough that they seriously restrict your choice of vendors(eg. basically everybody sells 1-2 socket systems; 4-8 means Xeon, and only certain more expensive Xeons, more than 8 sockets means some fancy custom interconnect) it's basically always cheaper to slice a bigger system in half than it is to buy two smaller ones: much less redundant hardware that way.

However, they are also about management convenience that you can't really get out of a physical server without adding a (potentially dangerously) capable BMC or similar computer-inside-the-computer(like the "nitro" controllers that AWS uses): and the history of BMC vulnerabilities(both against their network interfaces and against the components they expose to the OS running on the system) is not entirely cheery; with the situation probably looking worse if you want a BMC that can do all the various management things vsphere can do to an ESX VM.

There's also the question of OS driver vulnerabilities and hardware/firmware vulnerabilities: this VM escape relies on ESX's virtual USB device being buggy; it's not as though you would necessarily have greater confidence in the virtual USB device the BMC uses to interact with the OS; or even the firmware of some of the physical devices on the motherboard.

If anything, while they clearly aren't perfect and can't be trusted enough to avoid much greater attention to how to keep guests from interfering with one another; my suspicion would be that the complexity, and thus bug potential, of real peripherals is considerably higher than that of VM peripherals; especially the newer ones that are explicitly abstractions designed to be convenient for virtualization; rather than close imitations of common physical hardware intended for compatibility with OSes that don't expect to be running in a VM.

There are some 'usb devices over IP' software offerings that add a virtual USB root and can be used to connect USB devices that are physically connected to other hosts(obviously this works better with relatively low-bandwidth and latency-insensitive things; it's more about license dongles and USB to serial converters than video capture devices); so you do have options(and those offerings also tend to have explicit support for relatively easy switching of the USB devices being redirected between multiple hosts, if that's required); but it seems pretty unlikely that their virtual USB devices have gotten the same amount of probing that the vmware ones have, since they are relatively niche offerings vs. being the de-facto on-prem virtualization option(at least until Broadcom showed up).

Potentially still worth it, if you've got some absolutely unpatchable ESX host running at least one guest that must have USB, since the vulnerability on the vmware side is now a known one; but quite likely to not be a net gain in security vs. a patchable host; just given the relative amount of attention given.

There was a somewhat similar(also a bug in the virtual USB device allowing manipulation of the VM host from inside a guest with virtual USB a few years ago. There have also been a couple(CVE-2015-3456 and CVE-2021-3507) targeting the virtual floppy drive device.

They seem to be relatively rare; though tend to be pretty alarming when they do come up because their relative rarity means that people often treat a hypervisor as a reliable security boundary so there isn't necessarily a lot of backup built in to handle cases where that assumption is invalidated.

I don't know whether they'll be able to get past the requirement that Apple have sufficient market power in at least one of the tied products; but it seems like a pretty straightforward argument that iCloud is tied to iDevices in a number of ways that typically aren't wholly without justification(eg. having iCloud be the only thing you can restore from reduces the complexity of the first-run restore option because it can just assume iCloud; rather than Apple having to define an interface that 3rd party restore providers would offer or add a pre-restore app install section so that the relevant 3rd party app could be installed to provide the restore interface(the way 3rd party apps can snap into the "Files" app); but which are...awfully convenient...given Apple's margins on both cloud storage and higher storage phone models.

It probably doesn't help(if Apple seeks to make some sort of "we do it for the security of the people!" argument) that iOS historically(and still does, though it is much de-emphasized) supported either unencrypted or encrypted backups and restores over USB when directly connected to a computer; so clearly it was possible to design a backup mechanism for an untrusted storage medium back when cabled syncs were still general practice; and they specifically didn't bother to do that for networked backup and restore.

This seems like a pretty tenuous theory. There's a reasonably solid suspicion when businesses with clear connections to the cube farms, like restaurants and coffee places whose main draw is proximity to offices(and, typically, because of the way the zoning shakes down, significantly less proximity to things that aren't offices) are involved that people no longer seeing them as convenient, because they aren't in the office, or requiring their convenience, because it's a lot easier to make your own coffee when you don't have a commute.

This is a department store though: furniture, clothing, cosmetics, jewelry, housewares of various sorts. Am I claiming that literally nobody has ever popped over in an emergency after spilling coffee on their pants; or that it has never benefitted from being more convenient because it's on the way home from work? No, that sort of thing must happen at least occasionally. Do I buy that people drawn to the area by the fact that they work there are the primary audience for those sorts of (more typically) planned purchases? That seems like a hard sell.

I'm having a really, really, hard time seeing the case for transparency in a screen this small. Sure, if a screen is going to dominate your field of view there are cases where you might need to consider how the stuff onscreen is going to coexist with the rest of the world(though many more where the point is that your screen is dominating your field of view because you are working/gaming/watching a movie and not looking to be interrupted); but this isn't that screen.

Even your 17in 'desktop replacement'/'mobile workstation' monster just doesn't occupy that much of your field of view; especially when you can just tilt it down a trifle if you want it out of the way. I'm having a hard time seeing the virtues of totally ruining the quality of the screen space you do have in order to retain visibility of such a relatively small space that you can easily inspect at will just by moving your head.

Quite frankly having two credible alternatives is better than having only one.

When reading a legal opinion, it's important to distinguish when a decision is based on procedural or substantive grounds. Most of the time, procedural issues are handled first, so when a court rules that way, it means they are taking no position on the substance of the case.

And so in this case, it was entirely procedural -- the judge said that under the Administrative Procedure Act, the agency has to go through a formal rule making process rather than using an emergency request. That's entirely a defect of the process used to pass the rule and not a judgment about the content of the rule in any way. From the opinion:

Plaintiffs have also shown a likelihood of success on the merits on their claims under the Administrative Procedure Act, the Paperwork Reduction Act, and the Declaratory Judgment Act ...
The Court believes that Plaintiffs are likely to succeed in showing that the facts alleged by Defendants to support an emergency request fall far short of justifying such an action. As a result, the determination likely violates the APA.

I would expect that the DOE goes back and does things with the right process and it will all be fine. Or at the very least, the judgment today doesn't say anything whatsoever about whether a challenge to the substance of the rule has any merit.

That's crazy talk. Do you know how many supply-chain attacks we suspect of being in still-sealed packaging?

The fact that her husband was able to obtain the material nonpublic information she was handling(and without any signs of especially sophisticated or invasive surveillance methods) seems like pretty solid evidence of sloppy handling of sensitive internal data.

That's definitely less of a bad look than either insider trading or deliberately conspiring to feed information to the inside trader; but it's still easily the sort of inadequately careful handling of sensitive data that would not go well with any job whose description includes handling sensitive data.

Not being directly involved in the insider trading presumably made the firing a decision, rather than basically mandatory; but not an unjustifiable one.

Being able to store considerable internal stress, and sometimes decide to release it in response to seemingly trivial provocation, is pretty classic behavior for glass especially if it has been chemically toughened, worked or deformed without being annealed, etc.

Embarrassing for it to happen on such an expensive device, and from a vendor that does a lot of glass; but not a huge surprise from the material.

It's reasonably predictable that a fundie judge would rule this way; 'fetal personhood'/assorted pearl-clutching about early stage embryos and fertilized eggs has been a very popular tactic for anti-abortionists for some time time now; but actually taking a position that basically makes it impossible to do IVF legally seems like it could be risky overreach for them.

IVF is notably popular even among people who are allegedly "pro life". This is particularly dramatically visible in the fact that, technically, the Catholic Church's position is that IVF is super bad; but the laity are basically in favor of it and its not something that the Church is typically willing to actually try to argue with people about: they'll deny communion to politicians for not being against abortion hard enough; but(while they won't deny their position on IVF, it's all there in writing) you basically never hear about it; unless someone proposes that it should be readily available to the unmarried or homosexuals: as a mechanism for married heterosexuals with fertility issues it's just too popular. Protestant denominations aren't even necessarily against it; and the ones that are tend to take a pretty similar position in practice: they shut the hell up about it unless it's being used by someone they don't approve of.

This judge gets to score his points(albeit in a ruling that was practically written to be overturned on establishment clause grounds by a higher court); but I can't see "Nope, you can't get IVF anymore" going over well even among the pious pro-lifers.

You don't even need to wait for that scenario to arise: successful uterine implant rate of fertilized eggs is well below 100% even in young, healthy, women under typical conditions; with various 'spontaneous abortion' and miscarriage events further along also pretty common.

IVF makes the failures a lot more visible, since people are watching closely and attempts are expensive; but human reproduction simply can't be done(on average; obviously there's someone who has managed to implant and carry to term all eggs ever fertilized) without significant attrition of fertilized eggs and embryos of various stages(with spontaneous losses more common early; but continuing right up to full terms stillbirths).

A sympathetic observer would probably try to argue something about intention: that it's somehow different to deliberately toss the excess after an IVF round is finished than it is to know that what you are doing is probably going to result in a bunch of failures to implant or early stage spontaneous abortions; but you won't actually be making the choice on those.

I'm not sure that's really viable: in a variety of circumstances we recognize that doing something in the full knowledge of the bad outcomes it is likely to have is seriously morally problematic(typically not quite as bad as outright murder, instead it's "reckless negligence" or "depraved indifference" or something). Whether you are talking IVF or natural attempted reproduction is only really morally defensible if the destruction of some fertilized eggs and early stage embryos is either simply not an issue, or vaguely unfortunate but so much less important than getting the child you are interested in as to basically not matter.