I'm running the same version of Chrome(with site isolation enabled), its reporting "Your browser is NOT VULNERABLE to Spectre" for me. Also in incognito mode with extensions disabled.
We have been using kapow robosuite for close to 10 years now. Its a commercial GUI based tool which have worked well for us, it saves us a lot of maintenance time compared to our previous hand-rolled code extraction pipeline. Only problem is that its very expensive(pricing seems catered towards very large enterprises).
So I was really hoping this this thread would have revealed some newer commercial GUI-based alternatives(on-premise, not SaaS). Because I dont really ever want to go back the maintenance hell of hand rolled robots ever again :)
Agreed. Especially considering how easy it would have been to contact them privately and directly.
A 2 second google search for kidspass uk shows a sitelink for their "Contact Us" page, listing both a phone number and email address: https://www.kidspass.co.uk/contact-us
So unless that page was added post-incident, then IMO both Alex and Troy did not do responsible disclosure.
Hopefylly they where give more then a few weeks time to fix it. But by reading the article it seems they where impatient and didn't even wait for the weekend to be over before publicly announcing that the site had a vuln. And he didn't give instructions on how to repeat the "bug" in the DM (Twitter Direct Message).
Considering his follower base there might have been a number of people interested to know what it was, and capable of finding out by themselves. And from the article it seems the tweet did set off a "hacker feast" against the site.
> how do you know when the footage needs to be reviewed?
With all the computing power and vision AI available in such a vehicle, it seems like it would be possible to perform an automated interior scan of the cabin after each ride. Detecting cleanliness issues(and forgotten baggage).
Might be difficult to detect if someone peed though unless you can make the interior highlight it somehow. Maybe a moisture detector could be added but could be difficult to calibrate that for rainy days.
For me its purely a noise issue. Less heat to dissipate means less fan noise(Only speaking about home use here. In an office setting the difference would be unnoticeable).
> In an office setting the difference would be unnoticeable
If you have a hall full of developers, having lots of noisy PCs can be annoying.
Where I work, we optimized for more silent PCs, because all these things do add up, and given the perf/watt-ratio you can get out of modern CPUs, there's no reason for people to need to have noisy PCs.
Even at home, optimizing watt-usage, even for a desktop build, is not completely without merits. All my future projects are planned as fanless as possible. And I know others who do the same. And if Intel can't deliver that, they'll just go buy something Arm-based, like an Rpi 3, which these days are getting good enough to actually do production loads.
I'm not even getting close to wanting a system where the CPU alone can draw 400+ watts.
> an Rpi 3, which these days are getting good enough to actually do production loads
They really aren't, CPU performance is really irrelevant given the RPi's architectural weaknesses. USB was never meant as a system bus and everything has to loop through the kernel stack. Having every single peripheral hanging off a single USB 2.0 bus is crippling for performance. A Pi can't even serve a share at full 100 mbit speed due to bus contention let alone do anything more intensive.
It's very similar to one of Apple's more famous goofs, the Performa 5200/6200 with its left-hand/right-hand bus split that forces the CPU to handle everything.
Some of the clone boards have USB 3.0, SATA, gigabit ethernet, etc and are much better performers in practice despite having slower CPUs "on paper". Or there are little mini-PCs using 5-15W laptop processors that are really nice and run x86 distros/binaries.
All of these are at roughly comparable TCOs to a Pi (they include things like AC adapters that must be purchased separately for the Pi). The RPi is a bad choice for server usage.
> They really aren't, CPU performance is really irrelevant given the RPi's architectural weaknesses
Obviously "production loads" is an undefined term and as such we can discuss infinitely back and forth exactly how much these cheap ARM machines can actually handle.
I also didn't mean to single out the Rpi3 as a universal performer, optimal for everything out there.
My point was that I'm seeing an increased amount of people who are happy with what these cheap boards can do, who 10 years ago would have been forced to buy a server of sorts to cover the same needs.
So now they don't buy servers. Instead they buy cheap, tiny and fan-less ARM-based machines and they're perfectly happy. They even think running ARM is cooler than running Intel, so it's something they brag about.
I'm absolutely not saying I'm going to replace my company's server-farm or my dev-computer with these anytime soon, but Intel cannot completely ignore the power-efficiency aspect either if they want to keep their dominance in the market.
Good that it was fixed. But now bad actors will be looking very hard for other bugs in the unsandboxed javascript interpreter. Tempting to just disable windows defender completely.
Denmark here. November 21 2014 instant clearing 365/24/7 between danish banks via the Danish Central Bank was started. I can transfer money from bank A and have it be there on my account with bank B when I alt-tab over and refresh the browser with netbank B. Oh and its free(although a few banks have started charging a minor DKK 1 or DKK 10 fee for initiating the transfer, not mine though).
Apache httpd "legacy"? Seems a bit exaggerated. As far as I can tell it works just fine, have plenty of very good tutorials(like those from digital ocean), performance wise no problems(at least for our usage). And seems simpler to setup.
At my work we use IIS for our main website, but I've been asked to setup and configure a few wordpress installations. I've played around with both nginx and apache, but it was much easier to find clear instructions to setup wordpress on apache, so thats what I went with. I also really like apaches .htaccess support. Easy to lock down access to wp-admin by just dropping a .htaccess file in there restricting access to local ip range, instead of having to pollute the nginx config file with that sort of thing.
"works just fine" is completely orthogonal to "legacy", same as "well documented", etc.
The way you're writing, you sound like you've tried one (Apache), and not really the other (nginx) and are basing your opinion on that, not on any merit-based evaluation...
