Hacker News | patch_cable's comments

In the exact same configuration? Yes.


The date of the notice is October 28th. The separation dates given in the letter are 90 days out from the date of the notice (for some technical reasons, some employees had separation dates a bit further out).


The books are also physically really pleasant to hold and look at.

I’ve read each book they’ve published and enjoyed them all.


The J.C.R. Licklider book was difficult for me just because the font is small. I ended up finding an epub version and read that instead and loved it. The physical book is beautiful though and I'm glad I have it.


I think they’re saying anyone could order “secure” checks with your account number on them.


That is certainly an attack vector of concern! I've had friends where the attacker just exfiltrated a single check from their own checkbook and cashed it as legitimate somewhere else!

It seems that a third-party check printing service could run off checks for the attacker instead. The attacker would need to cover their tracks insofar as payment methods, and then intercept a package which would be mailed to my home address listed on the checks they ordered. That seems elaborate, but doable, if they want a whole stack of legitimate checks.

It is possible that there are even disreputable "security check" printers who aren't Walmart, but just counterfeiters in a 1BR, running off bogus checks for anyone who asks?

But who needs/wants a whole stack of them, anyway? It only takes one or two.

It is so strange, too, that we rarely hear of check fraud in the States. It would seem so easy, so is it widespread or rare?


Excited to say I worked on this feature! (Standard disclaimer: thoughts and opinions are my own and may or may not be shared by my employer.)

To give an idea of the kinds of things you can do now:

  - Keys or other secrets can only be decrypted (via KMS) by an EC2 instance if it is running an approved AMI.
  - You could build a certificate authority (CA) which only issues a certificate to an instance running an approved AMI.

This is similar to the functionality that was available in Nitro Enclaves. However, enclaves came with restrictions (such as only being able to communicate through a vsock) that made them not a great fit for all use cases.


Who is this for? I don’t know of any customers that are this paranoid but also trust the public cloud.


This doesn't appear to be exclusively anti-evil maid. It takes "build an AMI that doesn't have enough userland to extract the keys" and extends it to "only approved AMIs can access the keys."

Lateral movement of attackers. Shadow IT. People modifying things between test and Prod.

All easy examples that don't require you to trust AWS hasn't backdoored it to still get better security.


On AWS, if I run my software (some VM image), what guarantee is there that you are indeed running the image I provided to you? And, if it is an approved image, what guarantee is there that the image being run is the one publicly disclosed?


At some point it does come down to "we have to trust the provider isn't outright lying to us about what they're doing."

That was a hard bridge for me to cross for a long time; I got there via sustained in-depth conversations with folks there who simply wouldn't stand for something that breathtakingly opposed to everything AWS has strived to achieve from a trust perspective, that they'd sooner tear it all down than implement such a thing.

Some folks can't get there, and that's okay; if you don't have that level of trust, perhaps the cloud is not a fit for all of your workloads.


The point I am concerned about is that I am forced to trust a single party. AWS is not ever explicit in admitting this, at which point does it matter that your workload is on Nitro-this or attested-that? No university researcher, afaik, has physical access to audit these systems. I think the other major player(s) have a better story for this by harnessing features of certain cpu vendors.

To every cloud/server vendor: This is a big deal. I need a system I can audit, from silicon and firmware up, but I don’t want to water it, give it sunlight, or whisper sweet nothings to it, just to rent it out as needed.


If I understand correctly, it basically works the same as Trusted Boot on a local machine, with the host's CPU used as the root of trust. The difference is that the CPU creates multiple completely independent environments, with for example independent memory encryption keys.

Once you've got that, it's the usual TPM dance: each phase of the boot process verifies the next step and "ratchets" the TPM forward. The final OS uses the TPM's attestation to prove the TPM is genuine and not emulated, and the TPM's final state is used to prove it's running a genuine image booted through the proper process.

AMD had a whole bunch of SEV extensions for stuff like this. I reckon Intel isn't any different.
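
An added illustration of the "ratchet" described in the comment above; it is not code from any commenter or from AWS. It models a SHA-256 PCR extend and a verifier that replays a boot event log against a quoted PCR value. The component names and blobs are constructed, and checking the signature on the TPM quote is assumed to happen elsewhere.

```python
import hashlib
import hmac

PCR_SIZE = 32  # SHA-256 PCR bank; PCRs reset to all zeroes at boot


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = H(old || H(component)). One-way and order-sensitive."""
    digest = hashlib.sha256(component).digest()
    return hashlib.sha256(pcr + digest).digest()


def replay(event_log) -> bytes:
    """Recompute the final PCR from an ordered list of (name, blob) measurements."""
    pcr = bytes(PCR_SIZE)
    for _name, blob in event_log:
        pcr = extend(pcr, blob)
    return pcr


def verify(event_log, quoted_pcr: bytes, approved: set) -> str:
    """Verifier side: the log must reproduce the quoted PCR, and that
    value must be on the allowlist of approved images.
    Assumption: the quote's signature was already validated."""
    replayed = replay(event_log)
    if not hmac.compare_digest(replayed, quoted_pcr):
        return "log-mismatch"  # log does not explain the TPM state
    return "approved" if replayed in approved else "unapproved-image"


# Constructed sample data: three boot stages of an approved image,
# and the same chain with a modified kernel.
GOOD_BOOT = [("firmware", b"fw-v1"), ("bootloader", b"bl-v1"), ("kernel", b"kernel-v1")]
TAMPERED = GOOD_BOOT[:2] + [("kernel", b"kernel-v1-modified")]
APPROVED = {replay(GOOD_BOOT)}

if __name__ == "__main__":
    print(verify(GOOD_BOOT, replay(GOOD_BOOT), APPROVED))
    print(verify(TAMPERED, replay(TAMPERED), APPROVED))
    # A clean-looking log presented alongside the PCR of a tampered boot.
    print(verify(GOOD_BOOT, replay(TAMPERED), APPROVED))
```

Because each extend hashes the previous value, a later boot stage cannot rewind the PCR to hide an earlier measurement; the only way back to zero is a reset.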


It's less about being able to prove to yourself and more about being able to prove to _other_ people.


I’m more familiar with the 737 (as a hobby, not as a pilot), but for that aircraft the “loss of thrust on both engines” checklist has the start levers as the second item on the list.

Note that in the checklist I am looking at the goal is to restart the engines rather than diagnose the failure and that involves these levers. I suspect you’d notice pretty quickly if they were not in the expected location.


Thanks, this is good information. So it then fits the overall picture that they would've actually bumped into these switches in the rush of emergency even though they're never expecting the switches to actually be off.


Do you know if it says anything about restarting them simultaneously or not?

I would think trying to restart engines one at a time would be preferred, over both of them at the same time - or maybe that's not how it works..?


Just from a systems perspective if the actions to restart the engines can be parallelized then they should be; maybe only one engine will start. You don't want the 50% (for 2-engine aircraft) chance that you spend time on the one that won't start before trying the other.


It’s not. And the fact that you think they sing songs makes me think you’ve never watched it.


The post you replied to is a reference to Bandit saying "it's just monkeys singing songs, mate", when he goes to the movies with Bluey.


The misunderstanding here shows that we need to be careful with in-jokes and references in an asynchronous medium. Even among people who have consumed the media in question. It's even worse with the general public (or even just general HN public).


No. We don’t need to make conversations so boring as to allow you and your robotic ink to completely unambiguously understand them. For every one person that didn’t get this obvious Bluey reference deep in a Bluey thread, I’m sure that 100 more DID get it.


Sure, you can optimise for your cool in-jokes, and exclude people.

What's robotic ink?


Probably robotic ilk using the more common modern usage of ilk - https://www.vocabulary.com/dictionary/ilk

.. along with an unintended cool in-joke about how dogs can't type.


Yeah, at first I thought it was 'ilk', but then I suspected that there was yet another exclusionary in-joke hidden somewhere.


Ah I missed that. Fair enough then.


Sorry, I didn’t get the reference. I’m a moron. My bad.


Don't worry, just for fun.


I'm pretty certain that's a quote from Bandit.


Ah fair enough.


I have an elderly parent who has required multiple trips to the ER in the last year. The issue here (Seattle) is that the beds in the other departments are full, so there is nowhere else for them to go. The ER usually determines within a few hours she needs to be admitted, and then it takes a day for them to actually find the capacity.


It isn't quite as formal as that, but there is a group of engineers who review new APIs for following AWS-wide standards.


there's also a significant amount of automation in place these days to sass you in the right direction, i.e.

* focusing on resources and operations on resources

* using consistent and expected naming schemes, pluralization, etc.

it also helps that the sdks and clis are very raw wrappers around this, such that if you know what it looks like in the sdk then it will look similar in the cli.


I recently just set this up for my 5 year old.

I bought a Grandstream HandyTone 801 as a bridge. I use voip.ms as a service provider. Both are geared toward more technical users, but the service is very reasonable for the price. Instructions for configuring it are clunky but not too bad: https://wiki.voip.ms/article/Grandstream_HandyTone_802_-_HT8....

I had previously tried Ooma, but I didn't like that it wanted to sit between my router and modem.


Curious if you can set a schedule so that it doesn't ring in the middle of the night. Do you get spam calls like the old days?


I haven’t explored that. My intended use case was outbound calls, so I just bought a phone that allows you to switch the ringer off.

Rather than specific hours, I would probably just create an allowlist of friend and family numbers and trust them not to abuse it.

