There also needs to be a process to validate the SBOM matches the compiled software with an air gapped digital twin. ( you have to bypass a few things in the header - like time stamp and a unique I’d) so both versions of your compiled software have the same hash. Then you need to protect that file from interception and still validate every line change in every file. This patent addresses many of these issues with a self-referencing SBOM on the blockchain. https://patents.google.com/patent/EP3687107A1
Readit Newsb-g-m commented on The world needs a software bill of materials drrispens.medium.com/why-... · Posted by u/kiyanwang
b-g-m commented on Unpacking Interview Questions jacobian.org/series/unpac... · Posted by u/williamsmj
But what about hiring neurodiverse candidates who are not jerks but just have low EQ?
b-g-m commented on Ron Paul blocked from posting on Facebook twitter.com/RonPaul/statu... · Posted by u/eruleman
I think our election system would be improved with instant-run-off voting (aka alternate vote), election holidays, and blockchain voting - with citizen blockchains.
People counting paper ballots is not bullet-proof.
Please don’t cancel my life and career for trusting the integrity of the math behind cryptographic hashing more than black box voting machines.
b-g-m commented on The Capitol Attack Doesn’t Justify Expanding Surveillance wired.com/story/opinion-t... · Posted by u/jimmy2020
In 2020 I wanted DC to start looking at smart-city cameras. I have been living in DC for nearly 10 years and watched the crime in the area go up alarmingly during the quarantine. People being robbed in broad daylight, Porch pirates, Arsons, burglary, auto theft - not to mention other threats and hazards in the capital go on without being apprehended. I am specifically interested in the smart-city Forward Looking Infrared (FLIR) cameras which could identify sick people, terrorists, gun shots, and all other kinds of hazards, threats and security issues.
> New law enforcement techniques using DNS and other Intel techniques will be used to track, seize and tax cryptocurrency - which will cause increased popularity of Ethereum.
DNS? Not sure how that's relavent. And furthermore why would a crack down lead to more popularity?
> A qubit will travel around the world without decohering and increase attention on quantum internet investments
Well that would be good for researchers, there are basically 0 applications so i'm not sure why it would generate imvestment excitement (who needs QKD when you have public-key crypto?)
To join many Bitcoin based peernetworks - you first contact one of the DNS seeds. Which is traceable by LEO. Ethereum has their own DNS and other security protocols which bypass this problem - which would be attractive to those who use cryptocurrency to avoid LEO.
Quantum internet is different than QKD. The best analogy I can give is its like the difference between Morse code and the internet. Things like quantum teleportation, superdense coding and distributed quantum computing through a quantum internet will be revolutionary.
Software Bill of Material (SBOM) will become more of a thing - where you must list the dependencies and their hash you used for supply-chain security and vulnerability management.
New law enforcement techniques using DNS and other Intel techniques will be used to track, seize and tax cryptocurrency - which will cause increased popularity of Ethereum.
A qubit will travel around the world without decohering and increase attention on quantum internet investments. GPT4 and other ML models (maybe even with a neuro-feedback loop) will radically change entertainment for Gaming, movies, books, and music.
Smart Cities will start emerging ( and some cities which will ban the technology) with ML models and Intel systems capable of identifying all kinds of hazards (fires), threats (terrorists) and crime at scale.
A new “shadow net” will emerge from new mesh-networking protocols and massive amounts of compromised IoT devices- allowing users to bypass core internet routers and ISPs with the “shadow net”
XR with depth field scanning and smart tailoring with drastically change the fashion industry ( shoes and clothes). So people can virtually try on clothes and order perfectly tailored clothes from their home.
Software Bill of Material (SBOM) will become more of a thing - where you must list the dependencies and their hash you used for supply-chain security and vulnerability management.
New law enforcement techniques using DNS and other Intel techniques will be used to track, seize and tax cryptocurrency - which will cause increased popularity of Ethereum.
A qubit will travel around the world without decohering and increase attention on quantum internet investments.
GPT4 and other ML models (maybe even with a neuro-feedback loop) will radically change entertainment for Gaming, movies, books, and music.
Smart Cities will start emerging ( and some cities which will ban the technology) with ML models and Intel systems capable of identifying all kinds of hazards (fires), threats (terrorists) and crime at scale.
A new “shadow net” will emerge from new mesh-networking protocols and massive amounts of compromised IoT devices- allowing users to bypass core internet routers and ISPs with the “shadow net”
XR with depth field scanning and smart tailoring with drastically change the fashion industry ( shoes and clothes). So people can virtually try on clothes and order perfectly tailored clothes from their home.
b-g-m commented on Ask HN: Why are software companies stingy with developer hardware upgrades? · Posted by u/frankus
I don’t know why. But I worked as security at a federal government organization. I noticed doing daily tasks was taxing my workstation and saw it only had 2 gigs of ram. I talked to my colleagues and they mentioned they had been putting in requests every year for more ram and we get nothing. Later I attended a procurement meeting and saw the manager of the dev team screaming that his team couldn’t compile certain programs with 1 gig of ram and it was ridiculous he had been asking for more ram for 6 months and still nothing. So I then used my security access to run an enterprise host query to find the average ram of the machines + a vlookup() function to map user and department to machine. I saw the IT department had machines averaging 32 gigs of ram and even some machines with 64 gigs and one with 192 gigs. These were individual workstations and not some server. While everyone else was running anywhere from 1 to 4 gigs. To verify my suspicions, I then used my access to remotely run a script run for a month on every machine which would check every hour the % of RAM used and report back. Many of these IT machines were barely using 10%.
So I printed out the evidence of my findings and went to the following procurement meeting the next month and suggested we redistribute the RAM based on role function and need.
The meeting basically went south very quickly and abruptly ended with no outcome.
So next month when they suddenly laid off a team next to us, we just ripped the ram out of those computers and put them in ours before IT could come to collect them.
So I guess I am saying blame your IT team.
Ancient Domains of Mystery (ADOM)
This was 6 years ago. I now make $180k - with bonuses often pushing me close to $220k.
Go apply for other jobs and see what others are willing to pay you