I’m in the market for a bench-top drill press. I don’t want a cheap piece of junk, but it doesn’t need to be gold-plated, either. I recently lost access to the one I was using. (OK, I dropped my membership at the maker space, because it wasn’t very convenient.) Hence the search for a replacement.
So of course you turn to the web. For “reviews.”
My first beef: Most of the “review sites” just repackage the reviews from Amazon. (I did find a Popular Mechanics article, wherein they actually did a review, but it was from sometime back. I may in the end rely on its recommendation.)
My next stop was the “forums.” Someone, ahead of me asked, “What’s the Bench-top drill press to get?” Or “Does anyone have experience with these drill presses?” Immediately (on just about every site I checked) someone – not the same person – said,
Why are you looking at bench-top presses? You should buy a floor-height press!
Since everyone from Harbor Freight up to Jet sells bench-top presses, it is because some of us don’t have room (or the budget) or the need to be able to drill the end of 4 foot dowel. So when someone is shopping for a bench-top whatever, you might consider that they know more about what they need than you do. Of course you see this in every forum ever. I run across it in sailing, HAM radio, and woodworking. Someone has to leap to my aid because I can’t possibly know anything.
If anyone has some real experience with any of these, the question of the day is the Jet JWDP-12 versus the WEN 4214. With the 3rd possibility being the Grizzly G7943
Privacy is such a 20th Century concept. Facebook bug switched as many as 14 million users’ privacy settings to ‘public’
Facebook Inc. had a software bug for 10 days in May that set the audience for people’s posts to “public,” even if they had intended to share those posts with only friends or an even smaller audience.
So no one noticed a bug for 10 days. Did anyone test? (Before or after the implementation?)
Actually given Facebook’s pogrom against all things conservative, I’m not sure why anyone who reads this blog regularly would still be using FB. Oh it is convenient to support the people working against your Constitutional Rights. Really? I hope you have a lot of luck with that.
You won’t find me on FB, and I’m on Twitter less and less, and have considered ditching it too. (Social media is a time-waster, and I waste enough time on this blog.)
We don’t need to update all these PCs and Servers. Those crazy IT folks are always worried about something. Everything is working just fine. Atlanta officials reveal worsening effects of cyber attack | Reuters. Everything was working until everything stopped working of course.
What’s the “extra” cost to fix the problem? They just asked for ANOTHER 9.5 million dollars. And that may not be the end of it.
For those of you who are not paying attention to the state of cyber attacks and hacking, Atlanta got hit with the SamSam ransomware attack in March of this year.(Wired had a pretty good article on attack in case you want to refresh your memory.)
The City of Atlanta has still not put all of the pieces back together.
Departments citywide, including municipal courts, told the council on Wednesday about their struggles to regain workplace normalcy since the attack. Interim City Attorney Nina Hickson said her office lost 71 of 77 computers as well as a decade of legal documents.
What’s the cost of that? No backups for “decades of legal documents?” I want to assume that they have paper copies of everything, but it is really hard to search through paper copies of documents.
The question of the day is, “How long has the city’s IT department been wanting to fix any of this?” SamSam isn’t as easy to avoid as WannaCry, but it is a known attack. Have they been asking for resources to head off stuff like this, and been turned down, or have they just given up? You would think that the 2nd might be true, but I’ve worked with some pretty ground down IT organizations that still tried to do the best with the resources they were given. (Of course I was usually replacing the system they’d been struggling to maintain for the past 5 years.) The other question is how many IT organizations are still asking, and still getting turned down, because the executive suite doesn’t want to spend the money to fix things that aren’t broken.
In violation of a consent decree. Does this mean that Zuckerberg lied to Congress? Facebook Gave Device Makers Deep Access to Data on Users and Friends – The New York Times
Facebook formed a bunch of partnerships with companies like Apple/Blackberry/Samsung/et al that let them access data on users’ friends without explicit consent. Which is apparently in violation of an F.T.C consent decree from 2011. Those agreements are still in place.
Because as far as the Facebook is concerned, privacy is not something that you get to have.
“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.
And people wonder why I don’t use Facebook.
Hackers wanted a million bucks by yesterday. Not clear what happens now. Hackers threaten to reveal personal data of 90,000 Canadians caught in bank hack | CBC News
The hackers claim they were able to gain partial access to accounts by using a common mathematical algorithm designed to quickly validate relatively short numeric sequences such as credit card numbers and social insurance numbers.
The hackers say they used the algorithm to get account numbers, which allowed them to pose as authentic account holders who had simply forgotten their password. They say that was apparently enough to allow them to reset the backup security questions and answers, giving them access to the account.
“They were giving too much permission to half-authenticated account which enabled us to grab all these information,” the email said, adding that the bank “was not checking if a password was valid until the security question were input correctly.”
Customer service wanted to be helpful. Guess what? They weren’t helpful to the right people.
Corporations (and individuals) need to start taking cyber security seriously, and that means that some things will be harder to do. The alternative is not pretty.
First there was Hawaii’s famed false Missile Attack Alert. (Still a classic!)
There was also the Tsunami Alert issued to Palm Beach, Florida. ‘Test’ tsunami warning startles Palm Beach County. That didn’t get as much press coverage as Hawaii.
Did you get a tsunami warning for Palm Beach County on Tuesday morning? Did you spit up your double latte?
The county is pointing fingers at the National Weather Service. Apparently a “test” alert went out, that had “test” in the title, but NOT in the coding – that bit that computers would use to make decisions. So a local .gov screw up or a federal .gov screw up? Still the .gov, either way. (“I’m from the government and I’m here to help”) Even Accuweather sent out a copy of the alert.
The downside is of course that in the event of a real tsunami, the residents of Palm Beach County will now say, “Oh, it’s just another false alarm,” and ignore the chance to get out of the way.
But my favorite is probably this story from Lake Worth, Florida that came out this week. Watch: ‘Extreme zombie activity’ alert in Florida city was apparent prank. (Apparent? You mean there was no real Zombie Apocalypse? I’m so disappointed.)
The alert, sent out by the city of Lake Worth early Sunday, warned of a “power outage and zombie alert for residents of Lake Worth and Terminus,” referencing a city from AMC’s The Walking Dead.
Apparently the power outage was real enough. So chalk this up to another municipal .gov that can’t be bothered to spend money and resources protecting their computer infrastructure from hackers. So is this “Peak Florida?” (Hat tip to Ace of Spades.)
First we have the Amazon Echo inanity. Amazon Echo sent family’s private conversation to another user | CBC News
It turns out the Amazon echo that recorded a private conversation and then emailed the MP3 to an “acquaintance” wasn’t hacked. It was doing what it was programmed to do, just not what anyone actually wanted it to do.
An “unlikely” string of events prompted Amazon’s Echo personal assistant device to record a Portland, Ore., family’s private conversation and then send the recording to an acquaintance in Seattle, the company said Thursday.
Having spent the bulk of my career in application software development, my take on what “unlikely” means is that the programmers (who probably did their own testing) never considered that line of actions. Why? Because Alexa is all about playing music, and reading calendar entries, and the like, and they tested that over and over again by listening to all their favorite music. (Hat Tip to Small Dead Animals: I, For One, Welcome Our New Self-Driving Overlords)
I wouldn’t have one of those things in my house if you paid me to.
Then we have our latest Tesla autopilot-enabled crash. Police: Tesla in Autopilot sped up before Utah crash – CBS News
So not only was Tesla’s vaunted (if you talk to them) software not able to recognize and avoid a big red truck with flashing lights, it actually sped up, right before it crashed.
A Tesla Model S that crashed while in Autopilot mode in Utah this month accelerated in the seconds before it smashed into a stopped firetruck, according to a police report obtained by The Associated Press. Two people were injured.
Elon Musk doesn’t understand why this is news.
It’s super messed up that a Tesla crash resulting in a broken ankle is front page news and the ~40,000 people who died in US auto accidents alone in past year get almost no coverage https://t.co/6gD8MzD6VU
— Elon Musk (@elonmusk) May 14, 2018
For a smart guy, that’s a pretty stupid statement.