
Comment Ass-backwards (Score 1) 54

This feels like the absolute wrong move to fix their actual manufacturing issues. Their revenue is down for multiple reasons, but the one they could actually fix is their CPU burnout problem, and sort out their "nothing we sell has a valid warranty" where they fight every RMA. Just doing a bunch of layoffs won't fix either, it will just make both issues even worse. They obviously need to up their manufacturing QA process too, these burnout chips should have never made it to the shelf. Firing the people who could fix the problem is idiotic and Intel is paying the price in the markets.

Comment Re: I am not a rocket scientist (Score 1) 145

The general consensus is that the technology itself was just not there yet. SpaceX has modern manufacturing that has much higher tolerances, plus very rugged modern electronics. No one had the resources for the level of iterative manufacturing on the scale SpaceX is doing back then; much of that is driven by various advancements in 3D printing that just didn't exist even a decade ago.

Comment Re:Always start with email (Score 1) 59

You don't start with any specific systems. You start by mapping the data flow of the information requiring protection. True, it normally comes in via email, but it might be coming in via FTP, actual paper being scanned into a file system, or a variety of ways. The email system will most likely be scoped as a classified asset, for processing/transmitting/storing sensitive data; but it's not the starting point usually. And one can't just "secure email", one also first must identify the people who need access and sort out what systems they use as part of their job duties. Identity validation is one part of NIST RMF. The three criteria are Confidentiality, Availability, and Integrity. Requiring signed email is Integrity. Encryption can provide Confidentiality. Having cloud systems in some HA mode across multiple geographical tenants provides Availability.

Side note, S/MIME is used quite often in the DoD world; but it's not a "stand alone" system that just anyone can also use. I have an ECA token that can do it, it costs over $150 a year and filing paperwork that includes my birth certificate and a DCSA clearance. Even then, you also need to use something like DoD InstallRoot to pull in the specific DoD certs into your cert store, configure the email system itself correctly...and there are a PILE of STIG controls to implement to get there; then an independent third-party audit to certify the system via EMASS (this means only very specific 3rd parties can do this certification, called 3PAOs, like the companies that can certify FedRAMP) that it is authorized for whatever clearance level is needed per the interconnection contractual requirements.

It really is FAR more complicated than just technical requirements. The lawmakers in Congress are most likely hopeless outside of their lane on this, and would need hours' worth of very specific CDSE training to even begin to understand it, and this would be on top of already having years of IT / sysadmin / cyber security experience. GRC is a WHOLE other world on top of what most think of as cyber security...and I only work in the 800-171 space, not the larger 800-53 control sets.

Comment Re:Why do they outsource to begin with? (Score 1) 59

That's not true. I work doing INFOSEC for a DoD contractor, handling CUI. You can, and are actually expected to, eventually connect SIPR and NIPR networks together; there are tons of documents around the proper way to perform these interconnections. However, there are TONS of various security controls that must be met before connecting, maintained, monitored, evaluated etc. per NIST RMF. DISA's EVVM (enterprise voice video and messaging) STIGs have many controls around interconnections. There is no "classified e911" for example, so e911 SIP traffic on a classified network still has to eventually be routed to non-classified networks. There is just a ton of encapsulation, VLANs, S-SIP, encryption, etc. to ensure any classified data maintains confidentiality and integrity while being transmitted over non-classified networks. I'm neck-deep right now in a VoIP project with requirements like this.

Comment Re:I am not a rocket scientist (Score 2) 145

The ideas behind N1 were truly "ahead of their time", by...50, 60 years? The overall idea works, but the ability to control the engines, the material sciences, SpaceX's "iterative change" are all things the Soviets just didn't have. The science and math worked, just not the engineering.

Comment Re:Well gee it seems the road is no longer a road (Score 1) 138

When I go any distances, I always bring my "zombie survival bin" with us. It's got several MREs, solar blankets, various first aid kits (and a bit more), tools, fire starters, water tablets, etc. Hand-crank emergency radio, hand-crank flashlights; I'll be adding a small solar recharger to it soon. It's enough to go off-grid and survive for at least a week with food. If I'm stuck someplace longer than that due to some disaster, I figure we're all pretty f*cked anyway at that point lol.

Comment Re:AI is already a threat to humanity (Score 1) 186

The most likely end result of automation will be the destruction of the owner class, as the lack of income coupled with the lack of human labor required to produce things makes their value collapse to zero. And at that point, we'll probably end up in a sort of socialist utopia a la Star Trek TNG. But the path to that point will probably not be pretty, with the owner class using regulatory capture and rent seeking behavior to kill off the lower class en masse, with wars fought over collapsing economies, etc. Some would say that this has already happened.

Actually, this is EXACTLY what did happen in the Star Trek universe. This was shown in all its bloody details in the DS9 time-travel episodes into the Bell Riots.

Comment Waiting for update for DoD (Score 1) 89

I assume I will soon see guidance from the DoD and other federal agencies prohibiting the connecting and use of these "infotainment" systems with any mobile devices that store, transmit, or process any CUI or higher data. While this should have always been a best practice, specific guidance around infotainment hasn't been published yet that I know of. Although I doubt there is much potential leakage via SMS, best to cover the bases.

A potential risk has always been with rental vehicles. This just makes that more dangerous for all involved. Hertz, Enterprise, etc. can now download all text messages of any connected phones and upload them and then sell the information to the highest bidder.

Comment Re:Elon? (Score 3) 69

Well, his on-camera pot smoking has already made the Air Force look at their policies around his clearances... so his more recent statements on Twitter definitely stray into the realm of a potential insider threat with his comments about J6. Knowing a bit about how all of this ties together in doing proper risk assessments involving potential insider threats, it makes total sense for the Air Force to select a second non-SpaceX system to include on this.

This goes beyond the idea of redundancy, because Elon himself chose to buy Twitter and insert himself into the political commentary sphere and defend people who stormed the US Capitol. For me personally, this causes some internal conflict as I love Musk's various projects around technology but find his promotion of conspiracy and insurrection very disturbing. I want SpaceX to succeed, I want humanity to colonize the solar system, but I don't want people like Qanon Shaman to be looked at like a "hero".

Comment Re:You will pay (Score 1) 82

Maybe like a full Wikipedia article covering the Communications Assistance for Law Enforcement Act? Would the original 1994 law straight from a govinfo.gov site count as "they would tell"? It's a basic requirement of ALL telecom equipment, and the Chinese are just complying...it wasn't until 2021 that the FCC realized that CUA could also use this capacity that the US required.

Comment Re: That's easy. (Score 1) 82

The Chinese equipment was also "readily backdoored by the NSA", per the Communications Assistance for Law Enforcement Act (CALEA). This is BY DESIGN, not part of some conspiracy theory. The issue here is that someone finally realized that the way this was implemented means that the Chinese government could also use this mandate to do their own remote wiretapping...

Comment Re:To paraphrase from Idiocracy (Score 2) 119

Actually, yes, many of the security controls are meant to operate on the idea of trust. There are two types of controls: operational and technical. Technical controls have some type of technology behind them; operational only have the written process. This is discussed in depth in NIST manuals like 800-53.

Comment Re:To paraphrase from Idiocracy (Score 1) 119

Maybe, but when it comes to classified information that's not the way any of it's supposed to work. Even individual projectors have to be vetted and given "authority to operate", and they should be marked with an appropriate label that is color-coded. There shouldn't be just a "tech guy", but someone specifically assigned to perform those tasks who has been trained and cleared. I have a strong suspicion more heads than just his will roll on this.
