New York authorities said the warrants led to the indictments of firefighters, police officers, and civil servants on disability fraud charges. The Facebook data, which included user photos and videos, showed employees who claimed they were disabled performing a variety of activities, including fishing, martial arts, and even jet ski riding. – Ars Technica
Hackers likely stole EVERY SINGLE background investigation form completed by OPM since 2000. Every single one.
— Damian Paletta (@damianpaletta) July 9, 2015
This is state of the art for systems software now – which is not all that impressive.
Glantz explained that Ikea has more than 3,500 Red Hat Enterprise Linux (RHEL) servers deployed in Sweden and around the world. With Shellshock, every single one of those servers needed to be patched and updated to limit the risk of exploitation. So how did Ikea patch all those servers? Glantz showed a simple one-line Linux command and then jokingly walked away from the podium stating “That’s it, thanks for coming,” as the audience erupted into boisterous applause. On a more serious note, Glantz said that it took approximately 2.5 hours to test, deploy and upgrade Ikea’s entire IT infrastructure to defend against Shellshock. Eweek.
From the Financial Times: (and you should buy a subscription)
Piracy is a problem as old as the music industry itself. In Victorian times, it was illicitly copied sheet music that was the avowed enemy of the artist, and the operetta team Gilbert and Sullivan paid toughs to go round London pubs smashing up pianos with sledge hammers whenever they found bootlegged scores.
Anderson: So what have all your creative people come up with, then? What’s different in your basic technology versus 50 years ago?
Musk: I can’t tell you much. We have essentially no patents in SpaceX. Our primary long-term competition is in China—if we published patents, it would be farcical, because the Chinese would just use them as a recipe book. [Wired]
This is probably a smart idea, but it illustrates the advantages of a working patent system. The inventions and advances that Space-X develops are kept secret. Engineers and scientists around the world can’t look at what they did, think of alternatives or better processes, or license technology and add new innovations on top of it. Without a working patent system, innovators have to obscure what they discover and, as Musk does, say very little. This slows down the progress of science.
Many of the critics of the patent system have a peculiar idea that there is some powerful advantage to being the first to market for a new idea. There is not. If Space-X gave its recipes away, Chinese and European companies would copy and cut into their market. Maybe eventually US companies would do the same thing (or put flags on something made in China and mark it up). Anyone who thinks that Space-X could successfully sell rockets that were equivalent to or even not a lot better than those being sold by Lockheed has no idea how markets work. There is a nice sounding myth about how “agile” and “innovative” producers will by some magic be able to outcompete larger companies that copy their work and have far greater marketing, production, and distribution systems (and better political connections). That’s not how hardball works.
Despite pedants, pointers are useful and interesting and if you don’t understand them, you don’t really get what’s going on in a computer. Think of memory as a function where is the set of non-negative integers. When we build physical memories, there are limits on both domain and range, but let’s ignore that for now. We can call the elements of the domain “addresses” and the elements of the range “contents”, but they are both just non-negative integers. A list of numbers, maybe phone numbers, could be in memory as a sequence. Perhaps is the list.
Alternatively, that data could be scattered around memory in pairs of phone number and address of next phone number. Address and contents are just numbers. The memory may have contents that is an address of other contents: is a perfectly reasonable expression. Here we are using the contents at one address to “point to” contents at another address. If is the address of the first such pair, the next pair is at and the next after that is at . To make this more comprehensible define and Then is the address of the pair and the phone number is . The list of phone numbers is . It’s easy to screw this up (as the pedants note). If is not the right address of the next element, following the chain could end up making a random tour of memory that would pull up who-knows-what as phone numbers.
GT Advanced declared bankruptcy and blamed Apple for its problems. Apple called GT Advanced’s story “defamatory”. I have no idea about the specifics in this case but I do know about big companies pushing insanely onerous and self-defeating terms on small ones. Here’s the original claim by GT Advanced:
At the start of negotiations, Apple offered to buy 2,600 sapphire growing furnaces from GT Advanced, which GT Advanced would operate on behalf of Apple, the “ultimate technology client to land,” according to Squiller.
“In hindsight, it is unclear whether Apple even intended to purchase any sapphire furnaces from GTAT,” he wrote.
But after months of hard negotiating, Apple offered a deal under which it would shift away economic risk by lending GT Advanced the money to build the furnaces and grow the sapphire, and then sell it exclusively to Apple for less than market value, Squiller wrote.
GT Advanced was effectively forced to accept the unfair deal in October 2013 because its intense negotiations with Apple had left it unable to pursue deals with other smartphone makers, he said.
Back when we were selling a real-time OS, I contacted an ex-boss who now had a high position in a telecommunications company to see if he could help us sell into it. His response was “don’ t touch this place, it is expert in destroying small vendors.” And, whatever the actual story with GT and Apple, the storyline is not at all unusual. The elements of a smaller company spellbound by prospects of a huge deal/giant customer, followed by time consuming negotiations, followed by onerous demands – been there, done that. We once were negotiating with a huge semiconductor company about a big deal that, over time, got worse and worse for us. We “finalized” with some terms that we thought might be survivable. And then the semiconductor company negotiators, one of whom by this point our negotiators were privately calling “Beelzebub”, announced they had to take the deal “to management” and came back with much more absurd demands. We were able to walk away but we saw other small companies make deals with Beelzebub and then fail. There is a strong impulse in some big companies, among some business units, to squeeze small company vendors way too far.
Once, after a sales visit to a big Wall Street Firm, two experienced sales people for a second supplier told me they were shocked by what I had said to the customer and advised me never to make the same error. What was my mistake? I had told the customer that we had produced a product that worked a lot better than what they were currently using, cost them a lot less, and was highly profitable to us. “Never do that”, counseled my colleagues, “they want to believe that, at best, you are breaking even on the deal, otherwise they think they left money on the table.”
The absurdity of these kinds of “negotiations” is that they are highly unprofitable for big companies. The potential savings are usually negligible for the bigger company. Negotiating purchase agreements is expensive for big companies. If they are even in the position of dealing with a small vendor, there must be some compelling business reason for getting whatever the small vendor is selling. This also means that a deal that would be unprofitable, perhaps damaging, to the vendor would put a critical part of the supply chain at risk for the purchaser. But instead of closing the deal and moving on, some purchasing groups in some companies want to grind the vendor down to “show value” to their management or maybe even just out of habit. Sometimes this requires the smaller company to walk away, sometimes to go over the heads of the purchasing group to business units waiting for the product. We’ve probably lost some deals that would have worked out well in the end by refusing to accept onerous terms, but we’ve also walked away from deals that would have been fatally unprofitable. The good thing is that walking away from an overbearing big customer is usually a good starting point for a sales effort aimed at its competitors.
This is an interesting paper, but Telecom has not yet come to grips with the problems and advantages of fast shared commodity ethernet interconnect.
North American service providers are in the process of upgrading their radio access networks with next generation LTE equipment. They arefinalizing a 4G rollout that involves highly stringent timing requirements, but in many cases theyare relying on sole-source synchronization byusing Global Navigation Satellite System (GNSS). Natural occurring disturbances, as well as unintentional radio frequency jamming, intentional jamming, and spoofing, make GNSS vulnerable to interference.
This article presents a novel approach for addressing the issue of GNSS vulnerability by introducing a standard means of providing a redundant packet-based synchronization source for LTE base stations. It also describes how this new approach can mitigate noise caused by asymmetry and transit delay variation in packet networks.
Accurate and reliable knowledge of time is fundamental to cyber-physical systems for sensing, control, performance, and energy efficient integration of computing and communications. This simple statement underlies the RoseLine project. Emerging CPS [Cyber Physical Systems – vy] applications depend on precise knowledge of time to infer location and control communication. There is a diversity of semantics used to describe time, and quality of time varies as we move up and down the system stack. System designs tend to overcompensate for these uncertainties and the result is systems that may be over designed, in-efficient, and fragile. The intellectual merit derives from the new and fundamental concept of time and the holistic measure of quality of time (QoT) that captures metrics including resolution, accuracy, and stability.
The project will build a system stack that enables new ways for clock hardware, OS, network services, and applications to learn, maintain and exchange information about time, influence component behavior, and robustly adapt to dynamic QoT requirements, as well as to benign and adversarial changes in operating conditions. Application areas that will benefit from Quality of Time will include: smart grad, networked and coordinated control of aerospace systems, underwater sensing, and industrial automation. The broader impact of the proposal is due to the foundational nature of the work which builds a robust and tunable quality of time that can be applied across a broad spectrum of applications that pervade modern life. Roseline.