domain:betonit.substack.com
You can tell because they only defend them when they're being attacked, like everything they know is wrong but also disliked by the enemy. They also try to pull the "Republicans pounce! It's right wing culture war!" card instead of a real defense on the merits, just like with "whiteness must be exterminated because it means showing up to work on time"
There were never any NYT articles crowing about how 75% of all professor applicants are now pre-screened out by the DEI department, before their resumes are even given to the official hiring committee.
Maybe you don't even know that, even though people have told you before... It's that kind of defense through carefully cultured and reinforced blindness.
It's not happening, only those people commit the faux pas of noticing it, and now that it's been brought up everyone uncomfortably shifts their eyes around the room to avoid defending it. It's almost a relief when LaShawna from HR launches into "how DARE you!", and you can just nod along silently cringing and memorizing her spiel for your next promotion review.
sliders1234
19m ago
Trust to me seems like why the immigration bill failed. If you don’t trust the other party to implement legislation in good faith and all the power rests with the executive then winning the next election is far more important.
jkf
22m ago
With all due respect, "I do what I want" is not a viable approach to building a quality space.
You are focussing on this part because the initial warning was indefensible -- the content was polite, just that the other poster didn't like it. She should absolutely continue 'doing what she wants' -- the mods are not gods.
gattsuru
24m ago
Perhaps they'll issue a clarification, but from the note in this section, I think someone could read this as "memory"; it has "memory" right in the name!
Maybe, but so does CMOS RAM, and that's a central example of where you probably do want this rule to apply, and it's (usually) more volatile than FRAM. 5.4-1 to my read isn't about access modes or media type, but about storage volatility, and that makes some amount of sense for certain attack vectors -- you don't want someone reading cloud passwords by probing random SPI flash, as weird as that particular threat is.
5.4-2 (unique IDs) : This one is conditional, and I imagine ultra-small or ultra-disposable devices won't qualify in the first place.
Yeah, but the condition is only that applies where ever "a hard-coded unique per device identity is used for security purposes". I think that includes virtually every LoRaWan (DevEUI) and probably every LoRa device, for one common example, but also technically at least most Bluetooth implementations. There's other places where it's a good idea to use hard-coded unique identities per device for security purposes even where it doesn't 'matter', and that's largely going to result in people just dealing with stupid hacks instead to avoid triggering the requirement whenever possible.
5.3.4/6/10 (updates): Same here; conditional. We'd at least have to get down to the level of thinking about each of the devices you've mentioned in terms of the conditions.
Yeah, but the conditions for 5.3-4 is "an update mechanism is implemented", 5.3-6 "an update mechanism is implemented" and "the device supports automatic updates and/or update notifications", and 5.3-10 that "updates are delivered over a network interface" and "an update mechanism is implemented". These are fine when you're talking a full web-UI/app-equipped device, but twenty sensors on a LIN line that can be updated still hit the requirement for 5.3-4, which is on its own a requirement for automatic updates so you now hit 5.3-6. Then you're trying to figure out how 5.3-10 works for devices that don't have user interfaces (and may not have user physical access!), and now you're either stuck tossing an authentication layer on your LIN, implementing a cryptographic security function for comms on said LIN, or spamming users with update notifications like they were running Arch Linux.
5.3-15: I think I would interpret this as, sure, you need to support any part of a product until you tell the customer that you're not supporting it anymore, and the type of support can vary.
Eh...
Let's take the example of a lightning switches attached to a base station, as a fairly common home automation setup where the switches and adapters are... not actually a central case of the constrained device model (they have wall power!) but are at least arguably close. If you build one of these, you're probably going to support a wide variety of light bulb sockets and switch types, but not all of those are going to make sense over the longer term -- maybe a socket type falls out of popularity, or a new lightbulb tech drops that doesn't play well with dimmer circuits, or a vendor you partner with stops selling a product that makes that particular device make sense.
By the text, is a lighting hub "isolable and hardware replaceable" if the vendor doesn't want to sell every attachment for the hub's life cycle? Removing one attached device doesn't make the attached device 'isolable', because turning on and off that light is its core feature. Nor is removing the entire hub from the internet, since there's no sane way to call that a "self-contained environment with other devices if and only if the integrity of devices within that environment can be ensured", when the especially if the entire reason to pop them off the internet has to do with their ability to communicate securely with the local hub. Would it be hardware replaceable is the only hardware replacement doesn't actually fit into the same socket, just because something attaches to the same hub?
Yes, in practice your interpretation is the sane one, and hopefully it's probably going to end up as the sort of asterisk that just confuses people, like vendors just putting out generic 'support may stop without notice for some devices' clauses. But at best that turns the requirement into aspirational text instead of the actual policy.
(5.5-3) How easy is that? You don't even have to update it at all. But if you do, then at least make sure your shit isn't trivially broken, at least so long as you're telling the customer that you're still supporting it.
I think the interpretation of that standard is closer to page 45-46 here, if not on the exact same timelines, and that quickly turns into an eWaste and version hop mandate for a lot of stuff pretty quickly in order to theoretically prevent the plausibility of certain attack classes, rather than blocking trivial ones. But even for its steelman of "don't use WPA2-only chips in new products", I think it's still costly even if well-intended, and a lot of those costs don't make a ton of sense. There's a number of chips and equipment that can't connect on WPA3 at all, and even where it's something that can be implemented in software that doesn't mean it's exactly easy.
More broadly, though, it seems like overbroad application of a rule. A presumption toward encrypting everything makes sense when it's free or nearly-free, but there are a lot of entire devices where it's just not that relevant. If your equipment does literally nothing but relay temperature and humidity values over ISM bands, you might want some amount of authentication to prevent spoofing, but it's really not that big a deal if someone can listen in. And there's a lot of IoT stuff that goes into that category.
There's some parts of the rules that motion around this -- 5.5-1's "Appropriateness of security controls and the use of best practice cryptography is dependent on many factors including the usage context" or the exceptions for ARP, DHCP, DNS, ICMP, and NTP in 5.5-5 -- but again that turns the requirement into aspirational text.
ArjinFerman
Tinfoil Gigachad
33m ago
Let's look at the tape
I'm confused, when you give link like this, aren't they supposed to prove your point, rather than disprove it? I don't see any claims of instantenous absolute killing of innovation. I could understand if you're being figurative here, but since you insist that your opponents get your position absolutely right when responding, I don't understand why you think it's fair for you to portray their claims in such a way.
The latter obstinately refuses to make any more specific claims
And so do you. Normally when someone tries to have this sort of conversation in a productive manner, they tend to put forward some kind of framework for analyzing specific situations, so others can run it through various scenarios. I take you are in favor of some regulation, but not too much. How much is too much? Can we know in advance? Is there something we can do to prevent it from going too far? What can be done if it does? If you bothered answering any if these questions in advance, rather than strawmanning your opponents, and then complaining about being strawmanned, the conversation would be a lot more productive, probably.
netstack
Texas is freedom land
40m ago
Maybe I hang around here too much, but my assumption was that prestige media was comfortable with or enthusiastic about the idea.
sarker
Where are the Snowdens of yesteryear?
48m ago
you know what they say: in America, first you get the frame, then you get the respect of your beers, then you get the women.
DradisPing
52m ago
"Jews" tends to be a proxy for big city businessmen with no connection to the community. A lot of scams and white collar crimes take time to prosecute. Someone from the city can swoop in, do negative things, and be gone before they be stopped or prosecuted. Small town lawyers find themselves having to move against a legal entity that was dissolved before they could make their case.
NewCharlesInCharge
55m ago
To clarify a little more than supremacy, trial courts are triers of fact: did the accused do the thing the state says they did, and is that a violation of what the law says. They do not evaluate the validity of the laws.
If your belief is that the law itself is invalid then you have to make that case at the appellate courts.
FCfromSSC
Nuclear levels of sour
1hr ago
If only it were all so simple! If only there were evil people somewhere insidiously committing evil deeds, and it were necessary only to separate them from the rest of us and destroy them. But the line dividing good and evil cuts through the heart of every human being. And who is willing to destroy a piece of his own heart?
The_Nybbler
Does not have a yacht
1hr ago
The draft doesn't require social cohesion (as we had in WWII), just government force (as we had during Vietnam)
DradisPing
1hr ago
Another point is that the girlfriend likely moved to Minnesota to be with him and doesn't have a strong local support network. If she had a mother, sisters, and best friends since childhood in the city it would be less of an issue.
FCfromSSC
Nuclear levels of sour
1hr ago
There was the draft, in a previous society posessed of a great deal of social cohesion. That society no longer exists.
zeke5123a
1hr ago
The other problem is future negotiations. If a compromise between Do Nothing and X is Y, then Y becomes the status quo against which the next compromise occurs.
The_Nybbler
Does not have a yacht
1hr ago
No motte-and-bailey; slippery slope. I'm not going to argue about the specifics about any particular spot on the slippery slope because the main problem is that it is on the slippery slope.
The_Nybbler
Does not have a yacht
1hr ago
The Constitution is the supreme law of the land, both state and federally. State courts are certainly allowed to evaluate the constitutionality of state laws.
ControlsFreak
1hr ago
I disagree with your assessment of what "being capable of operating" entails, as we have gone over already.
We discussed shale fracking. Now Space X, ozempic, Matt Levine gives tons of examples of financial innovation, we're damn close to self-driving cars, but the hol' up is the tech, not the regulation. The list goes on and on. I do not see any more content in your comment that is anywhere near suitable to claim that we can simply declare this "gone over already". If anything, you just dropped it, because your position didn't go anywhere.
Let's make sure we're on the same page here, so that we are at least confident that we're both actually really ready to engage the slippery slope question honestly, without leaving room for a retreat in this direction. Are other industries capable of operating with some amount of regulation? Not, "Is there a general sense of a regulation-innovation tradeoff?" We agree that there is. The straightforward statement that many other industries are capable of operating with some amount of regulation. Are you going to stick with the position that this is an outlandish Bailey? Or is it simply a true fact about the world, and we can shift the discussion toward slippery slopes?
A Sopwith Camel fits in a garage and can take off and land on a piece of uneven land 300 m long. And that's with 1910s technology.
See also the autogyro/gyroplane/gyrocopter, developed in the 1920s, which can use 75-foot (25-meter) runways.
pigeonburger
1hr ago
In the negligent users defense, users checking for features like "password protection and encryption" is more the source of the issue than the solution. Network security is a process, not a feature. I feel safer putting up a camera with no encryption and password protection that serve a standard video feed on the network than one that requires a cloud service with SSL, password, 2FA, etc... to function. The former would be forbidden to talk to anything outside of my internal network, and there would also be restriction to what it can talk inside the network. Security features are a very distant concern after proper access control. But cloud services I just have to trust. If you take the most secure device and give the whole planet a surface to attack it, it's a matter of when, not of if, it can be cracked. To its credit, the document does address some of this, but what happens when the company decides to discontinue the product line and deprioritize security updates on the cloud services for their baby monitor? The document does say they have to precommit to a support period, but there's support and Support.
netstack
Texas is freedom land
1hr ago
I’m not being dishonest. I’m specifically not abusing the word “literal” or adding scare quotes to characterize policies I don’t like.
I believe Trump was measurably ineffective at his stated policy goals, and that his 2020 regulations don’t tip the balance. While he is obviously more likely to curb Title IX than a Democrat, that’s a low bar. I’ll stand by my statement: pundits who expect Trump to usher in “fresh prince” liberalism are going to be disappointed.
IGI-111
1hr ago
This is a true statement about the world
It's a true statement about your opinion. I disagree with your assessment of what "being capable of operating" entails, as we have gone over already.
it does need some something behind it
it certainly does!
All it needs formally is demonstration that the slope is slippery. Which we can discuss in this case, but I don't really see the argument against given we have dozens of examples in this very specific field, and in other fields of engineering, of the complexity of regulation increasing to smothering levels from previously small demands. Automobiles, airplanes, even dishwashers, you can take your pick of examples.
Will you then disagree that government regulation is a slippery slope? And on what ground will you do so?
2rafa
1hr ago
Lots of this is tongue-in-cheek, however, the hinted at truth is that, beyond a basic level of fitness, you hit diminishing returns quickly save for those women who really geek out over biceps or something
This is a better stated version of what I was trying to say.
SubstantialFrivolity
I'm not even supposed to be here today
1hr ago
With all due respect, "I do what I want" is not a viable approach to building a quality space. FNE was given a warning, not a ban straight off (presumably because she is a good poster and it wasn't a serious infraction), and that's all that it needed to ever be. It was because she chose to escalate things that she got banned temporarily, and it was perfectly reasonable.
CloudHeadedTranshumanist
1hr ago
Could you elaborate?
Six months update:
So more than I feared, less than I hoped, and it's become increasingly possible to say publicly among mainstream sources that it's probably not gonna look better.
More options
Context Copy link