But the deeper problem with making Musk the face of government "efficiency" is that efficiency is not an end unto itself. How well government operates is one question — an important one. But what government is for is a very different question.
On October 3, the British government announced that it was giving up sovereignty over a small tropical atoll in the Indian Ocean known as the Chagos Islands. The islands would be handed over to the neighboring island country of Mauritius, about 1,100 miles off the southeastern coast of Africa.
The story did not make the tech press, but perhaps it should have. The decision to transfer the islands to their new owner will result in the loss of one of the tech and gaming industry’s preferred top-level domains: .io.
A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.
“Forgetting used to be the default, and that also meant you could edit your memories,” says Kate Eichhorn, who researches culture and media at the New School in New York City and wrote the book The End of Forgetting. “Editing memories” in this context refers to a psychological process, not a Photoshop tool. The human brain is constantly editing memories to incorporate new information and, in some cases, to cope with trauma.
When engineers build ad retargeting platforms, they build something that will continually funnel more content for the things you’ve indicated you’re interested in. [...] But these systems don’t factor in when life has been interrupted. Pinterest doesn’t know when the wedding never happens, or when the baby isn’t born.
A heartwarming story of the Internet's creativity.
Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that's affected a dozen carmakers.
This team of researchers has found many car-related bugs before. The vulnerability writeup is here.
New IETF standards take advantage of extra bits to produce time-sortable UUIDs. This can improve the locality of database keys and provide the ability to do a bit-by-bit comparison rather than parsing.
They're now available in .NET 9 Preview 7:
var guid = Guid.CreateVersion7();
var guidWithTimestamp = Guid.CreateVersion7(DateTimeOffset.UtcNow);
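To show where the time-sortable property comes from, here is an added example (not part of the .NET API or the original post) that builds version 7 UUIDs by hand following the RFC 9562 layout: a 48-bit Unix millisecond timestamp, then the version and variant bits, then random bits. The function names and the sample timestamps are constructed for this illustration.

```python
import os
import uuid
from typing import Optional


def uuid7(unix_ms: int, rand: Optional[bytes] = None) -> uuid.UUID:
    """Build a version 7 UUID (RFC 9562 layout) from a millisecond timestamp."""
    if not 0 <= unix_ms < (1 << 48):
        raise ValueError("timestamp must fit in 48 bits")
    rand = os.urandom(10) if rand is None else rand
    if len(rand) != 10:
        raise ValueError("need exactly 10 random bytes")
    raw = bytearray(unix_ms.to_bytes(6, "big") + rand)
    raw[6] = (raw[6] & 0x0F) | 0x70  # high nibble of byte 6: version 7
    raw[8] = (raw[8] & 0x3F) | 0x80  # top two bits of byte 8: variant 10
    return uuid.UUID(bytes=bytes(raw))


def timestamp_ms(u: uuid.UUID) -> int:
    """Recover the creation time; anyone who sees a v7 ID can do this."""
    if u.version != 7:
        raise ValueError("not a version 7 UUID")
    return int.from_bytes(u.bytes[:6], "big")


def creation_order(ids):
    """Sort by raw bytes only: no field parsing, just a bytewise compare."""
    return sorted(ids, key=lambda u: u.bytes)


# Constructed sample: three IDs minted out of order, one millisecond apart.
SAMPLE = [uuid7(t) for t in (1_700_000_000_002, 1_700_000_000_000, 1_700_000_000_001)]

if __name__ == "__main__":
    for u in creation_order(SAMPLE):
        print(u, timestamp_ms(u))
```

IDs minted within the same millisecond are ordered by their random bits here, so the sort reflects creation time only to millisecond granularity. Because the timestamp is recoverable, a v7 ID exposed to users also discloses when the record was created.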
With today's technology, IT administrators must choose: either route DNS traffic in the clear, which lets them detect and block malicious domains but means trusting DNS servers that may be malicious, or authenticate DNS servers and encrypt DNS traffic, and lose network monitoring. As Ars Technica describes, Windows aims to enable the best of both worlds:
[Zero-Trust DNS] aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices. [...] Jake Williams, VP of research and development at consultancy Hunter Strategy, said the union of these previously disparate engines would allow updates to be made to the Windows firewall on a per-domain name basis. The result, he said, is a mechanism that allows organizations to, in essence, tell clients “only use our DNS server, that uses TLS, and will only resolve certain domains.” Microsoft calls this DNS server or servers the “protective DNS server.”
From Microsoft's announcement:
First, Windows is provisioned with a set of DoH or DoT capable Protective DNS servers; these are expected to only resolve allowed domain names. This provisioning may also contain a list of IP address subnets that should always be allowed (for endpoints without domain names), expected Protective DNS server certificate identities to properly validate the connection is to the expected server, or certificates to be used for client authentication.
Next, Windows will block all outbound IPv4 and IPv6 traffic except for the connections to the Protective DNS servers as well as the DHCP, DHCPv6, and NDP traffic needed to discover network connectivity information. Note that many options from these protocols will be ignored, such as RDNSS, as only the configured Protective DNS servers will be used.
Going forward, DNS responses from one of the Protective DNS servers that contain IP address resolutions will trigger outbound allow exceptions for those IP addresses. This ensures that applications and services that use the system DNS configuration will be allowed to connect to the resolved IP addresses.
In short: traffic is forbidden by default, allowed only to IPs resolved by your trusted DNS servers, and encrypted end to end without TLS termination.
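The three steps quoted from the announcement can be modeled as a small default-deny policy. This is an added example, not Windows or Microsoft code: the class and method names are hypothetical, all addresses are constructed from the documentation ranges, and the DHCP, DHCPv6 and NDP allowances are left out.

```python
import ipaddress


class ZtdnsPolicy:
    """Toy model of the outbound rules quoted above (not Windows code)."""

    def __init__(self, protective_dns, always_allowed=()):
        self.protective_dns = {ipaddress.ip_address(a) for a in protective_dns}
        self.always_allowed = [ipaddress.ip_network(n) for n in always_allowed]
        self.exceptions = set()  # IPs learned from Protective DNS answers

    def on_dns_response(self, server, addresses):
        """Add allow exceptions only for answers from a Protective DNS server."""
        if ipaddress.ip_address(server) not in self.protective_dns:
            return False  # e.g. a resolver an app picked on its own: ignored
        self.exceptions.update(ipaddress.ip_address(a) for a in addresses)
        return True

    def allows(self, dest):
        """Default deny: only resolvers, provisioned subnets and learned IPs."""
        ip = ipaddress.ip_address(dest)
        return (ip in self.protective_dns
                or ip in self.exceptions
                or any(ip in net for net in self.always_allowed))


def demo():
    # Constructed values from the documentation address ranges.
    fw = ZtdnsPolicy(["192.0.2.53"], always_allowed=["198.51.100.0/24"])
    before = fw.allows("203.0.113.10")
    fw.on_dns_response("192.0.2.53", ["203.0.113.10"])  # trusted answer
    rogue = fw.on_dns_response("203.0.113.200", ["203.0.113.66"])  # untrusted
    return {
        "before_lookup": before,
        "after_lookup": fw.allows("203.0.113.10"),
        "rogue_answer_accepted": rogue,
        "rogue_target": fw.allows("203.0.113.66"),
        "hard_coded_ip": fw.allows("203.0.113.77"),
        "provisioned_subnet": fw.allows("198.51.100.7"),
        "ipv6_unresolved": fw.allows("2001:db8::1"),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The `hard_coded_ip` case is the one to plan for in a rollout: software that connects to a literal IP address, or resolves names through its own resolver instead of the system DNS configuration, never triggers an allow exception and is blocked unless its subnet is provisioned.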
So, you’re thinking of building a new thing. It’s going to be a lot like that other thing that already exists. In fact, it seems so similar that lots of folks are asking you why you’re building a new thing rather than using that existing thing, or maybe adapting that existing thing to your needs. [...] Here are some questions that are worth asking yourself as you make this decision.