The FETT seeks to defeat SSITH defenses as US military goes hard on bug bounties and its Star Wars issues
Two years ago, the US Defense Advanced Research Project Agency introduced a hardware security program called System Security Integration Through Hardware and Firmware, or SSITH.
Having evaded a trademark challenge from Disney’s lawyers, DARPA is ready to test the kit modifications coming out of that program against hackers. On Monday, the exploratory tech arm of the Defense Department said it had partnered with the DoD’s Defense Digital Service and private sector vendor Synack to run the Finding Exploits to Thwart Tampering Bug Bounty, or FETT.
Students of Star Wars may recall that Boba Fett’s father Jango was hired by Sith Lord Darth Tyranus; for everyone else, the US government’s nod to Star Wars rather than Star Trek tells you everything you need to know about those running the federal show.
sorry. can’t “like” this. 
PHP is like “let’s take Perl and make it worse.” I’ve never been a particularly big fan of it. The never ending cavalcade of security bugs doesn’t help matters either.
Some gold here.
hundreds of repeat posts of the same error, followed by success.
how did you do that?
I followed the instructions in the README
but not to be outdone:
looks way to complicated for me
Not posted to discuss Bandcamps problems with Apple (Spoiler alert: Apple wants their usual cut!), but their take on “fixing” email as such.
Hey is trying a new take on email – but maker complains of ‘outrageous’ demands after Apple rejects iOS app
Hey claims to fix email, which according to Basecamp has seen little innovation since the launch of Google’s Gmail in 2004. Hey describes itself as a “full email service provider” with a few key features.
Ah lovely, here’s something you can do with those Raspberry Pis, NUC PCs in the bottom of the drawer: Run Ubuntu Appliances on them
Ubuntu has launched its Appliance Portfolio, an initiative designed to enable secure smart devices linked to cloud services. All Ubuntu appliances are “free to download and install” but may include an up-sell to paid-for services.
The idea of the Ubuntu Appliance Portfolio is to “enable secure, self-healing, single-purpose devices,” according to Canonical product manager Rhys Davies. You could probably build this software yourself by hand, though the appliances are supposed to be convenient self-maintaining packages of programs to save you the bother.
I finally decided to use the DHT11 temp/humidity sensor connected to one of my Pis.
Rube Goldberg style!
- By loading an overlay, the sensor data becomes part of the file system.
- Using Samba, the file system can be read from my Windows PC.
- A Lazarus/Free Pascal program serves it as a web page.
- The web page can be displayed from another Raspberry Pi.
- Grabbing some gauges from someone’s project, and Star Trek LCARS from someone else’s, it looks pretty good.
Mind you, the CSS needs some tweaking if it’s going to fit on a 480x320 screen. (Plus switch the font to the official Swiss911 Ultra Compressed.)
For a while, I’ve had the feeling that there was a lot of unattributed copying of little project articles for the Raspberry Pi and similar types of things. When one person did a project, up would pop a bunch of very similar articles. Sometimes perhaps it was just “railroad time”, where it was a natural next step that different people worked on at the same time. Other times it seemed like barely disguised copying for brownie points (I don’t see how there’s any cash incentive).
This morning one hit my feeds that’s so dumb, I wonder if it’s automated copy/post?
And that only points to another site:
And that points to:
Read, read, read…
The first thing we will need to do is set up our Pi with raspbian. For this build you will need to download an image of raspbian Jessie
Jessie?! That’s like at least two years out of date. Scanning down, there’s a link to the project software on GitHub. Which 404s. According to Wayback, it was taken down sometime in 2017.
It seems that someone plagiarized an obsolete project article, and two layers of aggregators picked it up, and not one of them noticed that it was a completely dead project.
Why? The sites will benefit from the clicks and impressions, but what’s the point for the end copier?
It’s a little disheartening, because I wanted to get into the habit of banging off little projects and publishing them. But if it’s just going to fuel someone’s click-farm…
Money, I guess. But yeah, I hate this shit too.
IBM job ad calls for 12 years’ experience with Kubernetes – which is six years old
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
