• 1 Post
  • 23 Comments
Joined 1 year ago
cake
Cake day: November 2nd, 2023

help-circle





  • Having worked in classified areas, both as an admin and an unprivileged user, CDs were normally the method of transferring data up the network. (Transferring down rarely occurred, and even then you’d be limited to plaintext files or printouts.)

    I’ve seen more places use data diodes to perform one- or two-way transfers so that requests can be streamlined and there’s no loose media to worry about tracking. It’s not super fast and higher speeds mean more expensive equipment, but it covers 98% of software update needs, and most non-admin file transfers were under 20MB anyways.

    Anything that did require a USB drive, like special test equipment (STE) or BIOS updates, had to use a FIPS-140-1 approved drive that offered a ready-only mode via PIN. This drive could only be written to from a specific workstation that was isolated from the rest of the machines (where data was transferred via CDs of course) and required two persons to perform the job to ensure accountability.

    Not the most time-efficient way of doing things, and not completely bulletproof, but it works well enough to keep things moving forward.






  • Unfortunately this is a product not many care for nor know about, and I had a personal working relationship with this vendor, so even if it were “leaked anonymously” they could point back at me and make things a living hell.

    At this point it’s been almost five years. They made their stance known. The exploit isn’t one that can be done completely remote without some internal knowledge to the setup of the equipment. It’s old news and they’re better off fading away in obscurity. I just won’t bother to try helping them make their products better and more secure.






  • I was talking to a Tesla owner about this and they argued that if the window is electric then there’s no difference making the door electric. They couldn’t understand that the door itself can be operated independently of the rest of the vehicle.

    Making windows electric causes a safety tradeoff. You get ease of operation while losing the ability to open the window in the event of an accident (where power cannot be supplied). However you can still unlock and open the door manually as an alternative escape option. This also applies in non-accident scenarios (dead battery).

    Making doors electric is nothing more than a safety risk. From the inside you might have access to a manual release latch, but some doors require you to unscrew things first. Any emergency situation where you need to exit as soon as possible and the power is lost almost guarantees that you’ll be unable to safely escape.




  • I’m worried about the security of this. However looking past that and simply observing it as an implementation of AI, this is an idea that I think is actually a beneficial use. Protecting the elderly against fraud/scams is a major issue which gets increasingly complex as scammers improve their methods. Using AI to detect scams in calls could be helpful in protecting the elderly.

    But before rolling it out, I would want to see proof of its efficiency through careful studies. Hell, incentivize Google to share the model with the government and other businesses so it can be improved upon. Fund it as a grant/program so smaller teams/companies can contribute and innovate.