"It's a backdoor. We know we said backdoors are bad and that a backdoor can be used by both good guys and bad guys, but this backdoor is made with Apple-certified lumber."
I worked in HAWK missiles in the Marine Corps for many years. This doesn’t surprise me one bit. In 1994, Block II launchers were still effectively using vacuum tubes. In fact, I still recall the one that faulted the most, from its label in the FM: relay K-9! Ninety-percent of launcher issues were attributed to that old relic of a tube.
Then, in 1995, Raytheon came out with Block III updates, which replaced the entire trunk filled with hardware (about as crowded as a standard engine bay of a modern car) with about 3 PC graphics cards-sized modules, each with an NSN price tag of $170,000 per (don’t worry, you’re paying for the IP, not the physical cards themselves, which iirc were MIL-spec versions of your standed PCI card from back then).
Made my job as a tech so easy, since the launchers never really broke down much after that, save for a hydraulic leak or two out in Dugway or White Sands during a shoot or Red Flag exercises at Nellis AFB. Didn’t see aliens out there but quite a lot of Soviet gear, which we acquired shortly after the USSR’s downfall. MiGs are really cool and reliable, though pilot/user comfort/convenience was not on their MVP list.
Novel. My deploy tracking tool doesn’t integrate with Heroku. It’s a new service so maybe they will at some point, but it’s nice since I can see impact of my deploys with one tool; up until last month, I had tabs open to Sentry, Honeybadger, Clubhouse, and LaunchDarkly. No longer the case—so relieved.
So, do we need to redefine the term “sandbox” as it relates to secure software? Obvi, it doesn’t do what we’ve been told it was supposed to do. Apple uses the term about 600 times per keynote, but we now know it’s been lip service. They either lied or just did a shitty job securing iOS. However, “sandbox” doesn’t necessarily imply secure; that would be a “secure sandbox,” in which case we were all naive, heard “sandbox,” and assumed it was secure, which by default and definition, it isn’t.
Smart. The dev tool I use automatically links my commits to the Jira issue that initiated the project/fix/update. The key and sha are forever linked. It does the same with Clubhouse.
I use Gitbook to create dev docs and it incredulously doesn’t pass merge messages to GitHub via its integration. A big fail, imho. All you see in GitHub is “Gitbook updated ## files.” I mention this because I could use this flag to see if I can add a manual process to get my messages assigned to corresponding commits.