My front end iMac with 10.14 lasts about a month or so before a panic. Currently:

$ uptime
16:24 up 38 days, 5:01, 9 users, load averages: 4.79 7.10 6.14

As you can see from the load, that poor iMac is getting a workout. The OS gives up after a few weeks. I just got a new M2 Pro mini... not thrilled with Ventura, considering installing Monterey. But we'll see. Hopefully it stays up longer.

A front-end Linux server that hosts haproxy and other stuff:

$ uptime
  21:24:45 up 528 days, 21:36, 1 user, load average: 0.52, 0.43, 0.33

Packages do get updated regularly, but clearly the kernel hasn't been updated in quite a while. That machine only reboots when I tell it to. I cannot recall when I last experienced a forced kernel panic/reboot other than power related on any Linux machine. I recall back In The Day our SunOS workstations with uptimes in multiple thousands of days.

Yeah, that and the companies who don't want to do "military applications" can just do pure research. Pure, ivory-tower research... which the DoD can just pay someone else to integrate into an actual weapon system. It's not like a machine learning algorithm knows or cares to what use it's put, once it is out there.

Dumb posturing; I also wonder if these people have considered what a world dominated by Chinese and Russian military AI will look like, and what effect it would have... I am not sure it would be the best of all possible worlds, exactly.

I doubt this has been lost on the DefCon organizers. Presumably they think that they'd lose more attendance by moving to Europe than by having people who can't safely travel to the US just not come, or attend/present via videoconference or something. And I suspect that's probably true -- very few people (in my experience) go to DefCon or similar conferences on their own dime; you go on your employer's money. And getting your employer to comp you a few hundred bucks for a flight to Vegas and a shitty hotel room (Vegas hotel rooms are notoriously cheap) is a heck of a lot easier than getting a company to cough up for a transatlantic ticket, hotel in Europe, etc. As long as the majority of the attendees are in the US, this is where the conferences are going to be.

But coming here if you're involved in cybercrime is probably, uh, not a very smart idea. That Hutchins came at all suggests to me that he didn't know that the FBI was onto his alleged previous (pre-Wannacry) activities; the alternative is that he's dumb, and he doesn't seem dumb. (Though a fair number of very smart people are also arrogant and don't give other people credit for being able to figure things out, so that's also an option, I suppose.)

There is a legitimate question as to whether there should be some sort of cyber amnesty program, though, given the number of mostly-legitimate "security researchers" who have shady backgrounds but seem to have moved on from them. I've got some mixed feelings on that. On one hand, getting blackhats and their knowledge out into the open so vulns can be remediated and the network in general made more robust is a Good Thing. But I don't know if it outweighs the message it would send, which is that you can basically play Computer Mafioso when you're young and then retire to a nice, secure, respectable position as "security researcher" without the threat of your prior activities coming back to bite you. That's not really how things work in the non-IT world; if you spend your 20s working for the Mob, and then retire to a respectable profession, that respectability is unlikely to protect you from getting a knock on your door sometime later, depending on the statue of limitations, for stuff you did earlier. Might make a judge or jury go easier on you, but it's not an ironclad defense.

I think it's more like "one good deed today doesn't get you off the hook for the bad deed you did last week".

In other words, if you're a blackhat who happens to take down another blackhat, that doesn't buy you a get-out-of-jail-free card that you can play when other things you may have done in the past surface.

Or at least, not to an extent that stops you from getting indicted. It might play pretty well in court if the whole thing actually goes to trial, I'd imagine. Can't hurt anyway.

That doesn't make any sense and has no basis in fact.

There are enough legitimate issues with the FBI / CIA and their handling of cybersecurity issues that creating conspiracy-theory narratives is both unnecessary and counterproductive. Frankly it just muddies the waters on the real issues.

Yeah I'd like some more meat to the story as well. Amazon Glacier achieves its pricing by using low-RPM consumer drives plugged into some sort of high-density backplanes; supposedly they are so densely packed that you can only spin up a few drives at once due to power and heat issues. Hence the delay.

I assume Google is doing something similar, maybe with somewhat better power or cooling since they're offering faster retrieval times which implies that perhaps they can spin up a higher percentage of drives at a time.

It's not a terribly serious setback in the history of space flight, but it could be a serious blow to Orbital.

Their whole program is built around the idea of using old surplus Soviet-era rocket engines, originally designed for the ill-fated N1 program. (The N1 program, as a sidenote, is responsible for one of the largest non-nuclear explosions in human history when one of its launch vehicles had a failure shortly after takeoff. On top of a zero-for-four launch record, it's not the program I'd pick to emulate.)

My understanding of the Soviet engines is that they have some design features that make them lightweight for their output, but represent tradeoffs not typically taken on Western engines, due to the risk of "burn through". But some people--perhaps including Orbital--thought that the designers had solved the problem and the risks were overstated.

Too early to tell right now, but if the engines turn out to have a fatal flaw, that would be bad for Orbital. It'd probably be good for SpaceX, since they're the obvious alternative, but it'd leave NASA down one contractor for the commercial launch program.

I believe it is called "Bud", "Bud Light", etc., while the Czech company uses the "Budweiser" name.

And even that was contentious.

In the US, trademarks only extend as far as someone might be confused by their use. It's not a hard black and white line, but you can use "Word" if you wanted to, in an unrelated industry from Microsoft's, provided that nobody thought that customers might be confused and think that your product was, or was in some way related to, Microsoft's. (Obviously since Microsoft is such a big company and does so much stuff, this might be harder than if they were purely in the word processing business.)

A good example is Apple Records vs Apple Computer Corp. There was a lot of argument that went back and forth as to whether Apple Computers might be confused with Apple Records -- which seemed ridiculous at the time, because why would Apple Computer ever get into the music business? So they worked it out and came to a settlement to stay out of each other's turf. That happens very frequently. (It got interesting when Apple-the-computer-company decided to get into the music business; my understanding is that they made Apple Records an offer they couldn't refuse.)

And given how ubiquitous Microsoft's products are -- love them or hate them -- the breadth of their trademarks are probably not unreasonable. A no-name company ought not be able to assert a trademark with any similar breadth, because there's so little chance of confusion.

Well they are registered in the .com TLD, which is basically United States namespace, so it would make sense that US trademark law would apply at least in terms of the domain name. I doubt some European company would be able to convince a US court to order Verisign to turn over the domain to them.

So at worst, I would think that Pinterest could continue to operate under the "Pinterest.com" domain name; the challenge would be whether they want to advertise in the European market, which might be prohibited without changing their name.

Unless the product has been certified for use with classified information, that's not much of an assurance. The government has its own internally-developed tools -- which presumably it has confidence in (SIPRNet, etc.) -- for protecting information that it deems sensitive. The NSA might well decide that subverting a commercial tool is worth the risk of compromising something that's used by the government, but only in relatively trivial ways.

I don't know enough to impugn Zimmerman et al, but I don't think "it's used by the government!" is necessarily a great seal of approval, unless it's a formal certification (e.g. NSA Type 1 listing) saying that it can be used to protect classified information. And I'm not aware of any COTS software products that are on the Type 1 list; the NSA only approves particular hardware implementations (at least that I've seen, though I'm happy to be corrected although I'd be surprised).

Wrong plant. ORNL is a completely separate laboratory from Y-12, even though they're located in the same city.

My favorite part of the article is the photo that accompanies it. Two of my scientific visualizations are on there, the red/yellow picture of an Alzheimer's plaque being attacked by drugs (behind the N of TITAN) and the silver structure of a proposed ultra-capacitor made from nanotubes (to the right of the N).

Please do your homework first. While the supercomputers at Lawrence Livermore, Los Alamos, and Sandia National Laboratories are primarily used for nuclear weapons work, the work of keeping the country's huge stockpile safe and reliable is a gigantic job, especially if you don't want to actually detonate any of the warheads. Yep, that's the trick. Simulate the ENTIRE weapon, from high explosive initiation all the way to final weapon delivery. With all of the hydrodynamics, chemistry, materials science, nuclear physics, and thermodynamics modeled accurately enough to be able to say with confidence that the entire stockpile is reliable and safe. Hard job! Someone likened it to having a fleet of thousands of cars that you can never start, but must certify are road-worthy the instant you turn the key. For 50 years.

But let's go past this. There are three other major Department of Energy laboratories that have major computing centers: Oak Ridge, Argonne, and Lawrence Berkeley National Laboratories. Beyond just the nuclear weapons work that the first three labs do, all six labs use their massive computing power to advance the understanding of the Earth's changing climate, develop new materials, design new battery technologies, design new drugs, impact energy efficiency in vehicles and buildings, understand geology and groundwater propagation, help develop new power grid systems, design technologies for carbon sequestration, and delve into the origins of the universe. "Left over from the glory years"? Hardly.

And let's go beyond the Department of Energy. The National Science Foundation, as you suggest, has funded high-performance computing for years. There are at least five major computing centers that the NSF funds for an even wider range of scientific computing endeavors: the San Diego Supercomputing Center, the Pittsburgh Supercomputing Center, the National Center for Supercomputing Applications (NCSA) at the University of Illinois, the Texas Advanced Computing Center (TACC) at the University of Texas at Austin, and the National Institute for Computational Sciences (NICS) at the University of Tennessee Knoxville. If you want to get a small sense of what the NSF funds in this area, look at the XSEDE web site (https://www.xsede.org/).

(Disclaimer: I work for Oak Ridge National Laboratory's supercomputing center, have worked at Lawrence Livermore National Laboratory's supercomputing center, and am currently helping to run the University of Tennessee NICS computing center.)

This exists, it's called the SIPRnet. You can only access it from secure workstations in secure facilities, and in theory all the network hardware is also secure, etc., etc.

AFAIK, the only recent SIPRnet compromise was Bradley Manning, and that was more of a social exploit than a technical one.