
Comment Re:"and found no evidence of exploitation" (Score 0) 13

It is easy to not find evidence of something if you don't look too hard.

This is a case where even if there were IOCs and you found them the clean up would be nearly impossible. Think about their 'Shared Responsibility Model' and the implication here. If MS were to acknowledge some kind of serious breach occurred in their core Entra-ID IAM platform...they'd either have to be able to conclusively identify all the impacted subscriptions or every single one of their subscribers would have to kick off their own IR process because how could they know they have not been backdoored from inside their subscription.

Microsoft does 'dog food' so if Entra was exploited MS's internal management is possibly compromised so they could not be 'certain' about the impacted customers, at best they might get some sort of 'beyond a reasonable doubt' level of certainty but we could never hit the 'yes the sky is blue' standard.

A not insignificant portion of MS clients (even pretty big important ones) likely have pretty deficient IR capabilities, independent of if they know it or not. Even the good ones are not at the 'we can assuredly remove any persistence work a state-level-actor did on our compromised systems' level without resorting to a large scale rollback-restore. Think the Azure infrastructure could handle that level of activity, the amount of storage-I/O to do all the analysis and IOC searches? The compute and I/O to do mass restores, all in a small window...doubtful?

There is also the core defect in MS's approach to authentication that goes back to the earliest days of NT, Microsoft stuff gratuitously authenticates all-the-time...Even when that isn't being directly exploited to gather authentication assets like hashes etc for attacks, it means the number and often meaningless or outright spurious log events make understanding what an actor, malicious or otherwise, was doing with a given set of credentials in terms of intent challenging. (Don't attack me for this statement I did not say impossible, IR professionals and good network security admins can, it just isn't simple.) Which adds a lot of cost to cleaning up an incident like this - if one were to be triggered.

So I don't think we should overlook the POWERFUL motivations to declare this one contained. I do think we should recognize that Azure and AWS are probably 'TBTF' and really Congress should be taking a hard look at forcing some divestment and perhaps limiting the size of SaaS/PaaS providers in general. It is just too many eggs in one basket, there is a serious National Security and economic risk here. It comes down to a poorly managed or neglected mill pond might flood a few neighboring farms from time to time but if the dam breaks on a large hydroelectric reservoir it might wipe entire towns off the map. The former might happen a lot more often because of who is in charge, and what resources they have to secure and maintain it, but you have to look at costs in terms of impact * probability. At some point the impact factor is just too large, for anything but a zero probability to be tolerable.

Comment Re:Better question (Score 1) 195

About the only case I can think of is interactive recipes.

Think about being able to check off ingredients or steps as you complete them.

Maybe being able to click an ingredient and select "recommend substitutions" - conceivably the smart fridge might know what you actually have to choose from.

The ability to note you are out of something and build up a shopping list, better than on paper because the system can sort the list by category / alphabetical / however later so it's ordered sensibly for the shopping trip.

An easy way to control music playback while you do cooking/cleaning chores in the kitchen.

There are useful things you can do with a vertically mounted, easy cleanup, food/water proof screen in a kitchen for sure. - Now I am not sure building these features into an appliance you might keep for 15 years, is smart, maybe a better feature would just be a removable mount/plate that lets you install the 7 - 13" tablet of your choice on the door and then it might be smarter still to integrate that into the cabinetry rather than the fridge but..

Comment Re:Deserve what you get (Score 1) 195

The problem is that the volume of dumb people will get it inflicted on the rest of us. Try buying not a smart TV today. You either have to get some sort of commercial offering, that comes with a crazy price premium or you're getting a smart TV that spies on you and sprinkles in ads all over the place.

All because too many people decided they'd rather pay 499 instead of 599 because that is just how little they actually value their privacy and user experience.

Sure you can not connect it to the internet, but they can't use any of the useful features, or you can play DNS games and whatnot if you have the technical savvy and the time, but there are still going to be a lot of opaque TLS streams that you just can never be sure what they contain, at least not without voiding your warranty connecting the JTAG interface... the same will be true of all fridges that are generally available soon enough..

Comment Re:Not really a rival (Score 3, Interesting) 48

Compare the market caps though, Nvidia and Intel are not on the same order of magnitude.

I don't think there is much of a frenemy relationship really to speak of.

My guess is this is about two things:
1) Nvidia ensuring they have or could get some access to an x86 license if AMD is somehow able to both make some kind of great leap in MIMD compute space and at the same time is able to deliver some kind of integration advantage with integration in traditional compute in memory architecture with EPYC parts.

2) Being sure they have access to some kind of FAB capacity in the event the excrement hits the fan around TSMC, and with a "partner" to whom they could dictate terms.

Comment Sensationalism at its finest (Score 5, Informative) 100

So the actual median and modal scores hardly moved. The explanation given Z's credit use trends is well known and it is the 'reporting' of student loan delinquency.

So really Z's overall credit worthiness has not changed much, it is just the scoring algorithm is producing a slightly different result because of a federal policy change in how unpaid student loans are classified/reported.

Comment Re:Parents removed the last ban in 1974 (Score 1) 190

The problem is that families would get a one-hour shift for *some* family members but not others, which is something that the current system avoids.

I guess I don't see the issue. As long as it is mostly consistent from year to year, that is just something you plan around and problem solve just like the ones you have currently.

Ok so now you need one hour of childcare in the AM and two in the afternoon all year round. Do what I am suggesting and in part of the year you need 2 hours in the AM perhaps and one hour in the afternoon or something. You won't be the only one; the local providers are going to staff around whatever the local schools do just like they do now. If it is your retired mother in law, she just adapts her schedule like she is already doing.

I am not trying to be flip but most families have schedules that shift during the year. Johny has baseball practice in the evenings all summer, then Saturday games in fall. Sally has her seasonal job as a lifeguard, so she can't babysit little brother Johny in the afternoon part of the year. All these schedule problems exist regardless of what the clocks say.

I think it far more limiting to insist that Bob's job that involves sitting in front of a computer under artificial light in an office without windows be shifted toward daylight coincidence along with everything else, just because...

Comment Re:Um... No. Hijacking this thread for Jimmy Kimme (Score -1) 35

No. Hijacking this thread for Jimmy Kimmel

Ok I'll bite and try to steer it back on topic at the same time!

I am looking forward to learning more about the middle steps here.

1) Acquire the branding for the greatest sh*t-show in event planning history, this century
2) ??
3) Profit!

Honestly I think it is a sad commentary on the attention span of our society these days. Once upon a time not so very long ago companies used to rebrand to try to escape associations with past frauds, calamitous management failures, massive product failures, and the like.

Now it seems like all you have to know to do marketing is "There is no such thing as bad publicity" because people just remember the name and little else, and recognition is usually better than unfamiliarity in the consumer mind. It is still possible to be 'too soon' as Jimmy Kimmel and his writers room just found out. That requires 'comically poor judgement' though. -See what I did there?

Comment Re:CHENGDU, China (Score -1, Troll) 197

Do you people really get fifty cents per post? Surely it's more than that by now.

Never seen such a panda hugger since someone pointed out that we should have responded to J6 like China did to 6/4 at Tiananmen. It lacks the polish of using the A-10s to turn them into pink mist, but calling out the tanks to turn them into pink mash worked well. Just a reminder: when you want to overthrow the government, bring guns. Lots of guns.

Comment Re: Or... (Score 1) 157

I guess I should clarify. In addition to "just the W2" there's also a monthly, quarterly, or yearly payroll tax report that goes to the IRS, along with a whopping large check for the withholding, as part of normal payroll processing. Different companies do different reporting standards, of course. But they're getting the data a lot more often than you think, just from the money paid in *during* the year, before the return is filed for.

Comment Re:For me? Yes. (Score 1, Interesting) 71

Yes it very much was; while it was a fictional drama it did explore topics like:

1) the cost of healthcare
2) the approach to the drug war
3) the limits of police powers

just to name a few things off the top of my head. Is it a great 'source' for study of any of those topics, no obviously not but it might introduce them in a way that makes some people care or start a larger discussion about those subjects in friendly settings where they'd otherwise not come up.

Comment Re:Living Coral (Score 1) 43

I don't think that is a relevant question, actually. Just because the entire reef isn't currently 'living' does not mean it isn't habitat for things that are. A layer of coral microbes just establishing themselves on a previously glacial plain probably isn't a sufficiently similar home for the various wildlife the existing reefs support.

None of this is to say the situation is as dire as is being suggested but if this analysis is correct, I don't think "transplanting" or replicating a coral reef in a meaningful fashion on human time scales is a simple undertaking, at least not with any certainty of success. Maybe we can 3d print some artificial reef structures and get some microbial starts attached to them and sink them but that would take a lot of experimentation.

Comment Re:For me? Yes. (Score 1) 71

You are probably right about the GoT being the last great example. I'd put the bookend of that era of water cooler tv about 2013 when Netflix started doing first party content, and phasing out disk by mail.

That is about the time when most of the big general public audience started getting pretty consistent access to non-physical-distribution and non-OTA content and with it the explosion of choice and truly pain free time-shifting. Past which point nothing can get temporally constrained mass audience numbers.

Streaming killed the network television star.

Comment Re:For me? Yes. (Score 2) 71

whole concept that everybody has to watch a show at the exact same time is obsolete

In the sense that it largely isn't happening any more, yes. In the sense that 'water cooler' television gave us a social opportunity to have some organic national discussions about the issues of the day with a little shared context, I am not so sure.

Obviously it put the power to choose the topics of our national discourse in the hands of a very small number of people, but it did give everyone an opportunity to discuss their view of the same content.

Comment Re:For those getting pitchforks ready (Score 1) 151

1) A lot of places require an if the lights are on the fan is on or even an always-on bathroom exhaust fan ducted outside now. You could easily require appliances to have a relay to trigger the hood fan.

2) Ok study it, we pay taxes, this one seems like a useful activity. Sure there will be some extremists that object because there always are but I can't really imagine even the more right-leaning political operators would mount a whole lot of opposition to investigating the safety of appliances found in just about every American domicile. That one really does fall nearly under "Promote the General Welfare"

3) That has never stopped anyone drafting building codes before :-). If you want to install a gas range in a modern energy efficient building, it will have to be properly vented, end of story. If that means giving up closet space above to allow for another vent-stack, or having some unsightly soffit run across the kitchen ceiling, well builders just get to say hey this is what the code requires, we either do this or pick electric appliances.
