It is certainly feasible that the NSA did not need access to the firmware source code in order to pull off these kind of attacks. Ars Technica has an article explaining. These drives use standard debugging interfaces, and, with a bit of work, anybody with the right skill set can reverse engineer the firmware.
That's not to say that the NSA didn't have access to the firmware source. They certainly could get at it if they wanted. Just that they did not necessarily need the source in order to write this kind of malware.
Since competition doesn't exist, and because they're trying to charge me and everyone else for imaginary resources, I believe they are engaged in anti-consumer, monopolistic, behavior that is not required for the health of the network or for their own business requirements and therefore should be regulated.
Yeah, that's the crux of the matter right there. If there were real competition in the sector this sort of activity would be fine. Arbitrary limits on usage can reduce network saturation. The result for the end consumer is a less useful and more expensive service, but that would be fine, if there were alternatives.
However, ISPs (both wired and wireless) have spent the last two decades or more deeply entrenching themselves. The networks they operate were often subsidized, at Federal, State, and Local levels. They have spent millions of dollars lobbying (successfully) for anti-competitive laws of their own design. They have either natural or government (Local or State) granted monopolies in most of the regions they operate in. They collaborate with their so-called competitors, dividing territory and colluding on prices and practices. All while providing what few would disagree is a basic necessity of modern life.
When all the significant providers of a necessary service engage in collusion and anti-consumer behavior, it is, and rightfully should be, time to regulate that industry. I don't lightly suggest regulation. Careless or unnecessary regulation can have enormous costs and serious repercussions. However, ISPs have shown time and again that, like the banking industry, they will engage in anti-consumer behavior for so long as they are permitted to do so. It's time to tell them otherwise.
Add to that the fact that Fat Noodle has come back and demonstrated that they had come up with the concept for their restaurant in 2008, trademarked the name in 2012, and failed to hear a word from Chubby Noodle's lawyers for months, suggests the Fat Noodle lawyers might need to get their heads straight.
Maybe that sentence has too many Noodles to be sure, but I think you meant to reference Chubby Noodle's lawyers as needing a good head straightening.
Just as IQ is really only a measure of how good you are at taking IQ tests, the only thing those brain games improve is your ability in that specific game. You might improve over time in that game, but that won't carry over into anything else.
That fuzziness or stretching sometimes makes it hard to make out fine details. E.g., when a character looks at phone. With lower quality video, all that you'll see is blurred letters.
Higher quality video won't make a bad movie good, but it does enhance my enjoyment of a good movie.
If you already have a movie in DVD format, there's no need to go out and buy a Blu-ray version. The increased quality is probably only worth ~$1-$3 (depending on how good the movie is), not the $20 you'll pay for a replacement.
I certainly don't get 4k, unless your TV takes up a wall. 1080p makes sense in some scenarios, but I usually go with 720p where available. My monitor is only 24", so I can't tell the difference between 1080p and 720p. Might as well save the bandwidth/space.
"(Source: 14 years of research into domain registration patterns and what's likely the largest database of abusive domains.)"
Oh yeah, the old "I won't provide my sources or credentials but I *know* and you just have to believe me". That's always a good argument. /s
Eh... I think I'll take him at his word on that. I've worked for a registrar before, and a common pattern of domains that show up in the abuse department is that most used the private registration service.
The problem is, there's a huge selection bias in his sample. He's seeing only those domains that cause problems, not the copious quantities of private domains registered for legitimate privacy / anti-spam (digital and physical) reasons.
I get what you're trying to say, but it's not exactly accurate.
Registering a domain requires registering a valid point of contact with ICANN. A "privately registered domain" is really another entity (usually the registrar, such as Go Daddy) putting themselves as the point of contact, and then forwarding you any correspondence (digital or otherwise) associated with that domain.
What you're paying for is the cost of that forwarding. Some companies may tack some profit on there, which is a bit reprehensible, but it's not as if it's a zero-cost thing.
There is no such thing as absolute security. Period, full stop. It doesn't matter how big or how small the target is.
That said, why should NDT know better? He's not a security expert, he isn't even in the IT field. He's a frakking astrophysicist. Because he's a celebrity, suddenly that means he has to be absolutely accurate 100% of the time, without leaving any room in his statements for misinterpretation? Just as the only unhackable system is one that doesn't exist, the only person who hasn't made a mistake in his statements is one that has never spoken. Why are people surprised that he's human? Why attack him just because he isn't infallible, when he never claimed to be?
The basic premise of NDT's statement is sound, even if he screwed up in the delivery.
It seems to me that his point was a bit muddled by his attempt to be pithy. Investing in better security is obviously a better use of resources than pointlessly sanctioning NK. (Are there any sanctions we aren't already using?)
This is just nitpicking about a poor choice of phrase.
Pick two separate targets you want to harm -- then attack one and make it appear like the attack is coming from the other.
Even when not intentionally trying to provoke a hacking war, it's common practice for hackers to use compromised third party systems as launching points for attacks. It is difficult to determine (by the target) which machines are owned by the attackers, and which are members of a botnet. Collateral damage is a real ongoing concern with counter-hacking.
Take a look at Android fragmentation and Software/Hardware Smartphone battles for a good idea of what the Personal Computer would like if today's IP laws were in place in the 80s. There are a lot of parallels.
All it takes is one executive with hubris and impatience (often IT are either unaware, understaffed, or ignored, or any combination thereof).
There is a fair amount of ambiguity and conflicting precedent involving the 100-500ft airspace. That's one of the things that needs to be ironed out. However, the idea of Air Rights has strong legal precedent, and it is (slowly) being applied to UAVs and Drones. While the case law is currently murky, I do believe that Air Rights is the best option at hand to mitigate the privacy concerns inherent in remote flying cameras. Certainly better than any ham-fisted approach that may be being considered.
In my opinion, if the Kite had a camera attached, I'd say yes. It's less about moving equipment over other's property, more so a privacy concern. Still, a valid question, and the entire point of my previous post was we need to ask these questions instead of making knee jerk reactions.
In this specific case the mode of transport is irrelevant, whether autonomous drone, remote piloted, or a camera on a string, but there is precedent for control of the air space above private land (up to a point). See Air Rights. While the FAA does designate the height (and to some degree, the activity) that those Air Rights extend to, I am unsure where the legal authority of private citizens exercising control over their Air Rights resides.
Tl;dr: It's up to the land owner. If you don't have their permission, you can't do it.
I have several points of view on Drones in general, and this regulation in particular. Firstly, regulations (of any kind) that can be exempted for those with enough clout, while restricting individuals and innovators, are always a recipe for abuse and discriminatory practice.
That said, blanket regulations by the FAA on Drone use are undeniably required. Common sense safety restrictions (avoiding airports for one) should certainly be implemented.
There are, additionally, privacy concerns. I do not believe that the regulation thereof falls under the FAA's purview, but piloting a Drone over private property without permission should be considered trespassing.
However, while common sense rules and regulations are indeed required, we also need to take care that said regulations do not hinder personal liberty or economic innovation. As I mentioned above, I have varied points of view on Drone regulation. In addition to my concerns as a citizen for my safety and privacy, I have concerns as a business executive. My company had to scrap a project and business venture due to FAA Drone regulations. (Specifically, the line of sight requirement.)
I'm not sure I have a conclusion, I just wanted to share what may be a unique perspective. I suppose I'll just leave you with this final thought. Too often have legislation and regulation been used as cudgels against innovation by those that fear it; if we wish for this nation to truly be as great as we like to claim, we must ensure that the Rule of Law is used to protect the People, and not to reduce them.