Hacker Newsnew | past | comments | ask | show | jobs | submit | teget's commentslogin

If you update a column that is not indexed you might get away with it without stressing the cleanup processes too much (vacuum and friends):

https://www.postgresql.org/docs/current/storage-hot.html


Shouldn't systems Like LZB or ETCS bei mostly protected against radio interference as only the Last section (centimeters) needs to bei transmitted wirelessly? Are they used in the line or did they opt for something else?


Yeah, generally that’s true - it’s certainly not a long-range system. I’m not clear on what the actual problem is at Stratford, but I do know these systems can be quite sensitive and it can be tricky to ensure they operate reliably alongside each other.

In the case of Crossrail the core (new tunnels) use CBTC signalling, I think based on Siemens TrainGuard - I think the specification of the project predates ETCS being proven as a viable solution for this particular kind of service. The services leaving Stratford to the East use TPWS/AWS in common with most services on the UK mainline network.

The challenge is in the transition between the two systems, as I understand it - anything out of the ordinary and the train will of course come to an immediate halt.


LZB uses cable loops.

ETCS can use cable loops, but for full functionality a radio data connection is required.


By my understanding the RCE part of the exploit should not apply to recent java versions if the default options are used (minecraft shipped older version afaik, and all bets are off for unmaintained enterprise applications). The data extraction however will work on any java version if the server in question has the capability to connect to a server under the control of an attacker, as the network request will be performed even if the JVM options that should avoid the RCE are enabled. Big problem for client applications (as usually most outgoing connections are allowed). A bit harder to evaluate the impact in the enterprise context as many companies will not allow their servers to connect to "random" endpoints or at least require target-specific proxies to connect to the internet/intranet which makes this harder to exploit.


As arankine noted there is the platform independent osquery. There is also SQL for WMI [1], which predates osquery, I believe.

[1]: https://docs.microsoft.com/en-us/windows/win32/wmisdk/queryi...


IIRC "Malicious Software Removal Tool" but close enough I guess.


Classic .net deployments are regarded as system components, they will receive security updates as long as the supporting OS is supported(that's at least the sales pitch we received) So 4.6 on Windows 10 will be supported at least till 14th October 2025 and 4.7 on Windows 10 at least until 13th October 2026 (if you are willing to pay Microsoft for that)


> (if you are willing to pay Microsoft for that)

So ... same as with Oracle. The "if you are willing to pay" part is what people are crying about.


This amazon release specifically says that amazon will only support up to 2023, what makes you think they won't do the same?


The Amazon release promises support out to that date.

There's fairly good business reason to think that, if OpenJDK continues to be popular and relevant (as I expect it will be), that Amazon will continue to extend that date, keeping it roughly four to five years in the future each time. They're giving confidence in the long-term support of Java on their platform, not making an indefinite promise about the future.


Also to note James Gosling works at Amazon since May '17. They clearly have a vested interest in Java.


.NET Framework was released in 2014 and will be supported until 2025. I'm not sure the timeframes are comparable regarding Microsoft vs Oracle.



The Coradia LINT platform this train is based on is built in Germany. Alstom has two locations within Lower Saxony (which is the state funding a lot of this).


No enforcement agency is required to enforce this law. Rightholders will sue non-filtering platforms over potentional lost sales due to their "wilful negligence". And if the offending platform has any business in Germany (or another country with similar laws) this will be a gold mine for any law business issuing cease and desist letters in the name of competing plattforms.


network.IDN_show_punycode in firefox


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: