A federal judge in Virginia ruled Tuesday that the City of Norfolk’s use of nearly 200 automated license plate readers (ALPRs) from Flock is constitutional and can continue, dismissing the entire case just days before a bench trial was set to begin.
The case, Schmidt v. City of Norfolk, was originally filed in October 2024 by two Virginians who claimed that their rights were violated when the Flock network of cameras captured their cars hundreds of times, calling the entire setup a “dragnet surveillance program.”
However, in a 51-page ruling, US District Court Judge Mark S. Davis disagreed, finding that the “…plaintiffs are unable to demonstrate that Defendants’ ALPR system is capable of tracking the whole of a person’s movements.” //
I intended to NOT drop what I was doing and just let the video play in the background. But after 1 minute, I dropped what I was doing to give the video my full attention. https://www.youtube.com/watch?v=vU1-uiUlHTo
See also "We’re All So F’d | NVIDIA x Palantir, Global Surveillance, 'Pre-Crime' Arrests, & AI." https://www.youtube.com/watch?v=5lYsO4k7OIY
Don't mess with the IT department guys. Although their office might look as messy as mine, they are a force not to be screwed with.
It all started one day with this guy, the origional Etherkiller, developed with a few misc parts to warn new users that the IT department is not to be messed with. You too can make one at home, connect the transmit pins of the RJ-45 to HOT on 110VAC and the recieve pins to Common. Modify to suit tase by varying pinout.
This led to some general discussion that this particular device really is in a class of devices, now called the "killers", which need to be made.
I’ve started only buying smart devices if there’s already an active community project to provide firmware and such should the company disappear or give up. If you want the convenience of “smart” devices, you have to compromise somewhere.
You can also buy devices that use open protocols like zwave, zigbee, or thread/matter. zwave is by far the best of the 3 because the certification requires that the devices properly implement the standard so any controller can manage any device, however that also makes it the most expensive and least flexible of the 3. For me stuff I care about long-term support for is zwave (thermostat, living room lights including wall controller), stuff that I'm less worried about having to possibly replace some day like motion detection or smart outlets can be zigbee, or Matter. Thread/Matter is starting to get to the point where the standard and interoperability testing is robust enough that I might consider it for my mission critical stuff in the near future.
As far as music, I've got 20 year old speakers hooked up to a 10 year old receiver that gets fed by the TV or anything plugged into it, thanks to HDMI ARC I don't have to worry about what TV I use or what device is plugged into it, downside of course is that the TV has to be turned on and tuned to the music source (not a big deal for my personal situation, others may not like the compromise).
And now, with that redesign having been functional and stable for a couple of years and a few billion page views (really!), we want to invite you all behind the curtain to peek at how we keep a major site like Ars online and functional. This article will be the first in a four-part series on how Ars Technica works—we’ll examine both the basic technology choices that power Ars and the software with which we hook everything together.
Reported in Nature this week, the study notes that audiovisual glitches break the illusion of a face-to-face meeting, damaging interpersonal judgments.
The authors argued that distorted faces, misaligned audio and visual cues, and choppy movements resulting from technical failures can create an "uncanniness, a strange, creepy or eerie feeling." //
Some might think the resources of the tech industry could eliminate such problems and their resulting impacts in the real world. But priorities seem to lie elsewhere.
The study's authors noted that older technologies like phone calls have fewer glitches now, but keep getting displaced by those that require more bandwidth. New conferencing methods such as 3D group functionality and VR will have even higher bandwidth demands.
Nephophobia, or cloud phobia, is an excessive or irrational fear of clouds that can evoke intense emotional responses and substantially impact an individual's overall well-being.
It’s always DNS
Amazon said the root cause of the outage was a software bug in software running the DynamoDB DNS management system. The system monitors the stability of load balancers by, among other things, periodically creating new DNS configurations for endpoints within the AWS network. A race condition is an error that makes a process dependent on the timing or sequence events that are variable and outside the developers’ control. The result can be unexpected behavior and potentially harmful failures.
In this case, the race condition resided in the DNS Enactor, a DynamoDB component that constantly updates domain lookup tables in individual AWS endpoints to optimize load balancing as conditions change. As the enactor operated, it “experienced unusually high delays needing to retry its update on several of the DNS endpoints.” While the enactor was playing catch-up, a second DynamoDB component, the DNS Planner, continued to generate new plans. Then, a separate DNS Enactor began to implement them.
The timing of these two enactors triggered the race condition, which ended up taking out the entire DynamoDB.
Aranya is an access governance and secure data exchange platform for organizations to control their critical data and services. Access governance is a mechanism to define, enforce, and maintain the set of rules and procedures to secure your system’s behaviors. Aranya gives you the ability to apply access controls over stored and shared resources all in one place.
Aranya enables you to safeguard sensitive information, maintain compliance, mitigate the risk of unauthorized data exposure, and grant appropriate access. Aranya’s decentralized platform allows you to define and enforce these sets of policies to secure and access your resources.
The platform provides a software toolkit for policy-driven access controls and secure data exchange. The software is deployed on endpoints, integrating into applications which require granular access controls over their data and services. Endpoints can entrust Aranya with their data protection and access controls so that other applications running on the endpoint need only to focus on using the data for their intended functionality. Aranya has configurable end-to-end encryption built into its core as a fundamental design principle.
A key discriminating attribute of Aranya is the decentralized, zero trust architecture. Through the integration of the software, access governance is implemented without the need for a connection back to centralized IT infrastructure. With Aranya’s decentralized architecture, if two endpoints are connected to each other, but not back to the cloud or centralized infrastructure, governance over data and applications will be synchronized between peers and further operations will continue uninterrupted.
GeekyOldFart
Three languages
And I'm not talking about programming languages, where most of us are fluent in half a dozen or so.
1: Regulatorian: This is the language of politicians and lawyers. It sets the mandates on banks, hospitals, schools etc. It contains nuances and terms of art that sometimes make a word mean something totally different to what you would infer if you heard it in general conversation.
2: Beancounterese: Spoken by accountantrs, salesmen and middle manglement. It sounds very similar to regulatorian but is sufficiently different in some of its meanings that it's as big a gulf as between old scots and english.
3: Geekian: The language of hard science, mathematics, real-world realities and the only one to use when specifying what a programmer needs to code. Because they will code what you tell them to, and it will work the way this language describes it.
The same word can mean different things in these three languages.
We have to be fluent in all three to accurately interpret requirements and predict what the emerging software will look like, to take error logs and demonstrate to (sometimes hostile) manglement what corrective action is needed and where it needs to be applied.
Michael H.F. WilkinsonSilver badge
Reply Icon
Re: Three languages
It gets worse, as there are quite a few Geekian dialects. I have learnt to speak a couple over the years, and know the word "morphology" can have radically different meanings, depending on whether you are talking to a medical doctor, an astronomer, or an image processing specialist. Great fun when you are in a project with different geeks each speaking their own dialect.
Shirley Knot
Reply Icon
Re: Three languages
Well said!
When writing specs for dev projects and talking to those speaking Regulatorian or Beancounterese it involves finding out what they actually mean, without saying "What the fuck do you actually mean?!" The skill is in performing iterative attempts without making them blow their stacks! The most frustrated person I had to deal with was a lovely chap that'd been doing his thing for decades, in manufacturing/engineering. He knew exactly what he was doing, but couldn't articulate it - quite understandable, not part of his world. Once he understood that I was just a white collar noob and he was the expert he calmed right down and enjoyed going into as much detail as needed. Explosive decompression averted and job done!
Ersatz-11 emulates an entire DEC PDP-11 system in software while running on low-cost PC hardware. It outperforms all of the hardware PDP-11 replacements on the market, outstripping them by a particularly wide margin in disk-intensive applications.
What operating systems were written for the PDP-11?
My son, Max, once worked for social media companies. Now he makes his living speaking to students about how phones hook them. He compares smartphones to casino slot machines.
"All the things we love about social media, those are the reward in the slot machine ... we get that 'hit' once in a while ... That's there to keep us scrolling for hours."
Haidt agrees, calling smartphones a "gambling machine."
They say some apps are worse than others.
"Instagram, Facebook, Snapchat, TikTok. Those really shatter attention spans. In terms of exposure to things that are really dangerous, Snap is the worst," says Haidt. "In terms of destroying your ability to pay attention, TikTok is the worst. In terms of destroying a teenage girl's sense of confidence, self-esteem, body image, Instagram is the worst."
He says social media affects boys and girls differently.
"Check in on the kids at age 14, girls are doing worse. They're more depressed and anxious, more messed up."
But a few years later, he says, "Girls are more likely to have gone to college, gotten a job and moved out of their parents' home. Boys are more likely to still be in their parents' basement playing video games. They never grew up. Real life is incredibly boring compared to a video game or porn."
Teachers say phone addiction makes it harder to teach.
If you're writing an open source system utility, for example, your chance of widespread adoption depends on its reputation as trustworthy, and that will reflect on you.
Who watches the watchers?
Talon is a case in point. A Windows de-bloater made by an outfit called Raven and distributed through GitHub as open source, it nonetheless got a rep as potential malware. Open source by itself guarantees nothing, and the conversation around whether or not Talon's bona fides checked out simply grew and grew. Enter YouTube cyber security educator and ethical hacker John Hammond. His day job includes answering the question "Is it Malware?" He has the chops, he has the tools, he has the caffeine. Speedrun is go. //
How might Raven have avoided being considered suspicious? There's a concept called defensive coding, where you consider each decision not just as how it contributes to functionality, but how it would cope if given an unexpected input. With Talon, the defensive process is whether a choice of technique will trigger malware scanners, and if it might, but is indispensable, how to make it clear in the code what's going on. You know, that pesky documentation stuff. The design overview. The comments in the code. If your product will need all those open source eyeballs to become trusted, then feed those eyeballs with what they need. There aren't many Hammonds, but there are lots of curious wannabes, and even the occasional journalist eager to tell a story.
Creating security is a huge task, and everyone who launches software for the masses has the opportunity to help or hinder, regardless of the actual intent of the product. Open source is a magnificent path to greater security across the board, because it keeps humans in the loop. Engineering for those humans is a force amplifier for good. Just ask the future historians speedrunning the history of cyber security centuries from now. ®
I'm a ISP network engineer, and across all teams working on the same platform we have agreed on Read-Only Friday. //
Yep, never start/continue/work on a project on a Friday. Or Monday... //
We have a strict "no live deployments on a Friday".
And if a Friday happens to be a public holiday, the rule then applies to the preceding Thursday instead. //
The last day of the working week is virtual or logical Friday, even if it's not calendar Friday.
All Friday rules still apply!
So... this is all you do all day is it?"
"Most days. Other days Carl or Peter does it."
"Carl or Peter?"
"Yeah, we work shifts - because the market never sleeps."
"So let me get this straight. You don't have any servers, you don't have any real work - AND THERE ARE THREE OF YOU - so you just make problems to keep yourself in a job?"
"Yep, That's pretty much it." //
A minute of silence passes, then finally the geek cracks. There's no server hardware. Nothing. Over the last five years the entire company operation has moved into online services - theoretically leaving our geek with no job.
"So what do you... do all day?" the PFY asks.
"SOME days, I'll take a complete snapshot of our cloud infrastructure," he says.
"Once a month you mean?" the PFY surmises. "So what do you do with the rest of your time?"
"I, um, manufacture outages," he admits.
"Manufacture outages?"
"Yeah, I'll light up the RED lamp on a server and, uh, take a cloud service offline."
"Why?"
"Because then they'll call me and get me to fix it. I'll bring them in here, fire up a linux laptop with the Matrix screensaver, edit a JPEG with a Hex editor, pretend to find a virus signature or an internal consistency error, then 'fix' it and bring the service back online again."
It seems so simple now that he says it.
What is a GUID?
A GUID is a globally unique identifier that can be generated through several different algorithms. The GUIDs on this site are generated using a secure random number generator.
Years ago, when I read The Mythical Man-Month, I found lots of stuff which I already knew from other sources. However, there were also new things in there, despite the book being from 1975. One of them was:
The Surgical Team
Mills proposes that each segment of a large job be tackled a team, but that the team be organized like a surgical team rather than a hog-butchering team. That is, instead of each member cutting away on the problem, one does the cutting and the others give him every support that will enhance his effectiveness and productivity.
This is a very interesting pattern for organizing a software development team, but I never found it described in any other Software Engineering book, not even mentioned anywhere.
Why is that?
The Common Charger Directive demands that a "USB-C receptacle" be equipped on "radio equipment" that is "equipped with a removable or embedded rechargeable battery" and "can be recharged via wired charging." If it has a battery and can be powered by up to 240 watts through a USB-C connection, it's generally subject to the EU's USB-C requirements. The directive applies to devices "placed on the market"—sent to a distributor or buyer—after December 28, even if they were initially designed and sold before that date.
Laptops get until April 2026 to comply, but most other things—phones, tablets, handheld gaming devices, computer accessories, and wireless headphones—will have to be powered by USB-C to be sold inside the EU from now on. //
In addition to simply demanding that a USB-C port be present, the Directive requires that anything with "fast charging"—pulling more than 5 volts, 3 amperes, or 15 watts—enable the USB Power Delivery (USB PD) standard. This should ensure that they properly negotiate charging rates with any charger with USB PD rather than require their own proprietary charging brick or adapter. //
The EU's celebratory post on X is heavy with replies from doubters, suggesting that mandating USB-C as "THE charger" could stifle companies innovating on other means of power delivery. Most of these critiques are addressed in the actual text of the law, because more powerful devices are exempted, secondary power plugs are allowed, and wireless largely gets a pass. "What about when USB-D arrives?" is something no person can really answer, though it seems a vague reason to avoid addressing the e-waste, fragmentation, and consumer confusion of the larger device charging ecosystem.
In the high-stakes world of semiconductor manufacturing, Europe has unveiled a groundbreaking achievement that rivals the cost and complexity of an Airbus A350. This state-of-the-art machine, meticulously assembled by a team of 250 engineers over six months, stands as a testament to European innovation in microtechnology. With ambitions to capture a significant share of the Chinese market, this marvel could reshape the global semiconductor landscape.
Since its inception in 1984, ASML has been at the forefront of semiconductor lithography. The company’s latest creation leverages Extreme Ultraviolet (EUV) technology, a bold move that has paid off handsomely. EUV lithography allows for the precise etching of intricate chip patterns, essential for the next generation of artificial intelligence and high-performance computing. According to industry leaders at the International Semiconductor Association, ASML’s commitment to EUV has not only doubled its revenue in the past five years but also set new standards in chip manufacturing.
The new ASML system promises to revolutionize microprocessor fabrication by reducing transistor sizes to an astonishing 1 nanometer.