Why do you hate paragraphs so much slashdot?

Sentences are much easier to follow when you break them up into different lines.

Why, Slashdot, Why, can't I just have single line breaks in my comments?

Oh what a surprise. You build the robots so they're timid and never cause accidents, then you run them for millions of miles and find people run into the back of them.

Why? Just because it's normal for that many miles travelled? because they surprise more assertive drivers and stop when they thought they would go? or because people are too distracted by their presence they forget they're driving and drive into them. .... All these questions and more might very well be addressed in the article, but I'll never know, because the headline alone is enough to put this in the "OMG, who would've thought?!, oh well, anyway..." bucket.

Now that they've had some time to think about it, their response is as follows:

Many companies made the case that anti-virus, anti-malware software should be a core function of the operating system, so a few years ago we created Windows Defender. It works. Brilliantly. But, the EU forced us to let Crowdstrike continue to operate in competition with our own product, since they did antivirus on our platform before we did. As such, we weren't able to implement the necessary security and stability updates that we would've liked, which worked with Microsoft Defender.

Instead, we were forced to leave kernel level access for these cowboys. They did an update that we were legally required to allow, that crashed a lot of computers.

This would've have happened if you'd just let us Netscape them.

> 42

> What else did you need to know, eh?

If 42 is the answer, what is the question?

> this is what happens when you run a company with consultants...

It depends on the consultants you get. There are plenty of well known, well respected, network operating consultants in Sydney who learnt BGP in the late 90's and know the pain it can cause if it's not configured correctly when you're a small network connected to a big network.

All network administrators get lazy and all network administrators fuck up occasionally. The good ones suffer from enough oversight and management that they're forced to do changes properly (like making sure there are proper filters in place and they've been re-activated after debugging & testing). The old and wise ones know the value of doing network changes with rollback plans; or build their networks "like onions" so when you fuck up at the edge it doesn't crash your core.

This is exactly what happens when you outsource your network operations to the cheapest vendor; when you have minimal oversight and change management, when you're used to providing a "best effort service" without any financial penalties for non-performance, and when you're used to being the (second) biggest fish in a small pond.

It's also what happens when people like Bevan Slattery make network peering so easy that the current cohort of "network engineers" spend more time configuring BGP via web interfaces and checkboxes than playing spot-the-error in 100 lines of Cisco code - but again, that's on Optus for not vetting their network operators.

Anyway - speaking as someone who's taken an ISP offline while configuring peer routes before (at 2am, with a rollback plan in place) - the only thing that really surprises me about this is Optus's CEO resigning.

Back in my day the official response would be "Lolz. Sorry `bout that. It's a best effort service. If you wanted five nines reliability you shouldn't rely on only one upstream provider. As for you getting your money back... well, our SLA dictates a response time, which we met. The restoration time was 4 hours, but they're business hours; so our outage started at 5pm, but the SLA the clock started ticking at 9am we restored your service at 2pm the next day so that's 2 hours outside of our 4-hour SLA. That means you're entitled to a 2% rebate on your next monthly invoice."

... so you're saying she'd have more credibility if she didn't bite the hand that feeds?

Could someone with mod points please do your thing on the above comment.

Until someone claims AI is sentient, this is the only true conclusion to an argument commonly made to sell newspapers.

Interestingly, Google is (allegedly) asserting it owns the copyright to Bard's output - but this is an irrelevant side argument - like if AutoCad asserted copyright over its auto-generated vector calculations - The copyright may be owned by the manufacturer of the tool or the user of the tool, depending on relevant copyright law; but the tool has no claim to the copyright.

While I can understand these vultures wanting to protect themselves from irrelevance, and totally appreciate that AI training was probably unforeseen in their copyright terms; it brings me great joy to see them follow the RIAA's footsteps in putting themselves firmly on the wrong side of history.

(if you think UMG, Sony Music or WMG in any way represent the artists they publish; I refer you to Courtney Love's speech to the Digital Hollywood Online Entertainment Conference, given in New York on May 16, 2000)

Let's be clear here, when General Bytes refers to "their customers" they mean the ATM owners, not the people who used the ATM.

But the whole point of crypto is that you are your own bank. If you've gone into business running a network of unregulated ATM's using a new technology that allows you to be a bank, you probably should study the internal workings of traditional banks so you can protect your assets the same way a real bank does.

Clearly there's a moral hazard at play here - General Bytes didn't have their money on the line, only their reputation. They weren't doing security audits to find security holes, they were doing security audits so when this came to pass (as it did) they could say to their ATM Operators who lost everything "we did what we could". The reality is they could've done more, and they probably would've if they hadn't transferred the risk of economic loss from them to their customers.

This point is driven home by their decision to revoke management of customer ATM's. An honest company would force all ATM's to be managed by them, backed by an insurance agreement that their management means responsibility for the security of funds under their management - and they'd employ a security team to keep those assets secure. Them saying "We're revoking our management product" is most likely because their lawyers said their 'all care, no responsibility' management offering actually makes them legally responsible is a very clear display that their product is inherently insecure.

And if the vendor isn't willing to take the risk, no properly educated and informed customer ever would.

Looking at the amount of work that was involved to liberate this company (or their "customers" who were clearly running these ATM's to make a profit), $1.5 million should be the finders fee; not the criminal takings. They'd have to be disappointed with that risk-adjusted return on investment. .... But the irreversibility of this transfer of wealth from people who did a poor job of securing their asset to those who did an excellent job of 'liberating' that asset, is a feature of cryptocurrency, not a bug.

By using the client to determine distinct networks, not the server.

Rather than bother with geolocating IP addresses and dealing with static/dynamic WAN IP's; you just have the client scan the local network.

There's a million ways to ascertain if you're connecting to the same network - by wireless network characteristics (SSID/Authentication protocols/AP MAC address), scanning devices (keeping a list of MAC addresses on the network and watching if they exist or not) or using GPS data from the android/iPhone app.

Netflix will use internal network forensics to determine your primary network. (As I've said elsewhere, I suspect they'll actually store two "primary" networks to cover users with home/work or home/shed networks.) Then if you use netflix for 31 days on a device that's on a different internal network, it'll stop working until that device connects to your primary internal network.

So if I have netflix on my work computer and my home computer, but I never take my work computer home it's going to kick me off because that device never connects to my primary network.

It determines this by having the app/web client scan the local network to determine different networks.

My guess is they'll allow you to share your neflix with one other household/network; but crack down when it's three or more. That way they eliminate most false positives, not piss off the people who are halving the price of a Netflix subscription and catch everyone who's sharing it amongst an extended family (or the classic example of four workmates who each subscribe to one serivce Disney+/HBO/Amazon/Netflix and share it amongst the group).

Meh. I can understand it. But Netflix, heed my warning. If you false positive my use (or, y'know, kick my mum off my account) - I'll just go back to bittorrent through a VPN.

So, they'd like to develop a national government controlled version of Monero.

I'm no expert, but I'd think if you were looking for a private and anonymous digital version of cash, you'd use the one which exists today, is proven to actually be private, anonymous and secure, and is not controlled by a government.

Which is exactly why regulation is needed to force them to adopt the industry standard.

You spelt "surveillance" wrong.

Apple is right. Patents stifle innovation.

The real irony of this is that it was a patent over DRM... Which protects the other form of artificial monopoly that we accept in the western world: copyrights.