![]() |
It's a serious, and sometimes life-threatening subject. Pacemaker hacking https://www.tripwire.com/state-of-security/featured/under-attack-how-hackers-could-remotely-target-your-pacemaker/ They are using ever more sneaky ways to achieve their ends. Mirai botnet and security cameras http://www.welivesecurity.com/2016/10/24/webcam-firm-recalls-hackable-devices-mighty-mirai-botnet-attack/ Vulnerability scan at https://www.incapsula.com/mirai-scanner/ They do not care who their targets are. Hospitals resort to paper as ransomware attacks network http://www.tripwire.com/state-of-security/security-data-protection/ransomware-forces-hospitals-to-shut-down-network-resort-to-paper/ But you can see what piques hackers' interests. Endoscope vibrator hacked https://www.grahamcluley.com/smart-dildos-security-vulnerabilities-fulfill-every-hackers-fantasy/ I thought, that's enough, but it's spreading like wildfire. Aga cooker hacked https://www.bitdefender.com/box/blog/smart-home/dont-let-hackers-ruin-roast-security-flaws-found-aga-cooker-app/ Car security at risk https://www.wired.com/2016/08/oh-good-new-hack-can-unlock-100-million-volkswagens/ Even second-hand cars https://www.theregister.co.uk/2017/02/20/connected_car_in_the_secondhand_lot_dont_buy_it_if_youre_not_hacksavvy/ And then the most hilarious headline I've ever seen (imagine reading this 15 years ago). Jens Regel of Schneider & Wulf discovered a "web server directory traversal" vulnerability in the Miele Professional PG 8528 dishwasher. https://www.bitdefender.com/box/blog/smart-home/connected-dishwasher-security-smudge-doesnt-come-off/ But, then a huge blunder by Samsung, and their proposed/already in use system called Hackers' Playground Tizen, which appears to be in its infancy as far as security is concerned. Samsung Tizen OS extremely vulnerable https://motherboard.vice.com/en_us/article/samsung-tizen-operating-system-bugs-vulnerabilities And, if you think that you're physically safe from attack, don't go to a car wash https://www.grahamcluley.com/car-wash-security-flaws-let-hackers-physically-attack-people/ Someone has to keep an eye on IoT before it becomes chaos. It seems clear to me that the most important systems for society's infrastructure need to have the tightest and best-deployed security measures. NHS, ATC, and all sorts of other systems need the finest and most expert security implementations. However, because of the way these systems are tendered when created, they end up with the cheapest and most traditional solutions, which are inherently inert and difficult to change with the times. The people in charge of these tenders (usually public sector workers under the thumbs of council and other government officials) are some of the least technically-savvy people on the planet (their kids often know far more than they do about these matters!). They always fail to realise that the most popular, or most traditional solutions are very often not the best to deploy, if increased security is what is required. Systems have to be using the most up-to-date ciphers, transport mechanisms, and DDOS-resilient hardware and software. This is a full-time job since the security landscape is constantly changing. That requires a full-time security team working with the systems on a day-to-day basis. Currently, we have a tender process that gives rise to systems which are often deployed once, managed intermittently and patched only when things have already gone wrong. Ad-hoc teams with no previous experience of that particular system, are then employed under incredible pressure to sort out problems only after the systems have been hacked or have gone wrong. This cannot continue. The government has to spend LOTS of money on this, or else, one day, important infrastructures will be brought to their knees permanently. |
The data we collect includes:(but is not necessarily limited to)One of the comments states, "There should be a opt-out switch. My computers belong to ME not Microsoft. What I do on MY computer is none of Microsoft's business." to which I replied,
The software (including drivers and firmware supplied by device manufacturers), installed on the device.
Performance and reliability data, such as how quickly programs respond to input, how many problems you experience with an app or device, or how quickly information is sent or received over a network connection.
App use data for apps that run on Windows (including Microsoft and third party apps), such as how frequently and for how long you use apps, which app features you use most often, how often you use Windows Help and Support, which services you use to sign into apps, and how many folders you typically create on your desktop.
Network and connection data, such as the device's IP address, number of network connections in use, and data about the networks you connect to, such as mobile networks, Bluetooth, and identifiers (BSSID and SSID), connection requirements and speed of Wi-Fi networks you connect to.
In fact, it is the same principle as, "It is my body and I'll do what I like with it.". If I can't excite the naturally-present cannabinoid receptors in my body for the past century because of global laws set up by corporate interests, then why should I be able to encode, with my own algorithms, any film in an arbitrary stream of bits on my computer?Anyway, here's a batch file for turning off most of it :-
It's a stupid world run by profit, not people.
rem BLOCK WINDOWS 10 TELEMETRY BATCH COMMANDS reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection\ /v AllowTelemetry /t REG_DWORD /d 0 /f reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection\ /v AllowTelemetry /t REG_DWORD /d 0 /f sc config DiagTrack start=disabled sc config dmwappushservice start=disabled sc stop DiagTrack sc stop dmwappushserviceTo remove Windows 7 and 8 updates involving telemetry, use :-
wusa /uninstall /kb:3068708 /quiet /norestart wusa /uninstall /kb:3022345 /quiet /norestart wusa /uninstall /kb:3075249 /quiet /norestart wusa /uninstall /kb:3080149 /quiet /norestart
Computing Power: Your "balls to the walls" mainframe is going to pick up the workload of 100 million plus PCs and deliver the same performance over an internet instead of an eSATA channel with no noticeable loss in performance? Yeah, right. Put down your crack pipe, the laws of physics want to have a conversation with you.To me, "cloud" looks like an attempt by corporations to control the software and data your home computer will be using. Corporations always put profit before technical excellence, whereas a competent home-user with local data and software, has the opposite intentions. Hence, the corporation-controlled method is more likely to technically fail than the competent home-user method. The "cloud" is therefore for dumbed-down users who do not want to take any responsibility for the computing infrastructure they operate on. More fool them! I have always believed that if you want your systems working properly then either you take care of them yourself competently, or you hire someone else to do it. Either way, technical excellence is what keeps it working, and certainly not profit motives. If a corporation is running both your software and data in a cloud, and they spy a way of cutting costs by cutting some corners, they'll do it first, and then judge the consequences of their actions after the threatened law-suits come in! If you decide to use a business' cloud resources, eventually you will suffer from that business' greed.
Increased Costs: Leasing ALWAYS costs more than outright buying. Do you really think Microsoft is pushing subscription because they're going to make LESS money at it? Put down your crack pipe, the laws of economics wants to have a conversation with you.
Security: I just laughed at this one. Here's what you essentially said: Yeah, you're going to get hacked, but, hey, each time it happens, you'll be less likely to see it happen the next time. So, just suck it up.
Connectivity: This is where bloggers who write words for a living think their isolated universe is mainstream. Tell me again how connectivity and bandwidth isn't an issue when I'm a home user editing my 2 GB home movie.
Your closing arguments demonstrate why the cloud will always be a specialized application. You are simply arguing for a return to the days of Big Iron. Well, there was a reason big iron shifted to distributed computing. And it was all economics. When you started shifting large amounts of bits around, it became cheaper to distribute the computing and data.
Now, tell me in what world the cloud will ever make sense for joe sixpack working on the 12 hours of video he shot during his vacation to the grand canyon. Yeah, he'll upload clips of it to Facebook (the cloud), but he's not going to store the whole thing on there and work on it that way.
Your problem is one shared by many technologists. You think the way you work is the way everyone works.