I work for: https://www.signalsciences.com/ and our tool is specifically designed for use cases like this. Let me know if you would like more info cody-at-signalsciences-dot-com
For anyone that thinks that programming bootcamps are still worth considering. Why not try a free one: https://www.freecodecamp.com/ Really great student curated content!
Typically physical control is deemed as the game ender. If this is proven to be OS executable it will be a major issue. Many of the Adobe, IE, and other high volume exploit vendors codebase zero-day root exploits would allow one to not only gain access at a root level on a machine, but now also at a much lower level. This level would negate the typical benefits of recovering from a root-level "hack" via HDD erasing or Malware Removal tools or any other method available to even tech-savvy people.
Or... one could actually read the response article:
"This bug has been fixed, the affected keys have been rotated, and we have no evidence that Wes or anybody else accessed any user data. "
Really mining is seen as this hardcore active lifestyle when in reality it is rather sedentary. Typically there are jobs for jr. level positions which are very physically demanding. Afer about 2 years experience most people get "promoted" to driving some sort of heavy machinery. Often these positions are union jobs where the workers can easily dictate the pace at which they work. Typically I could spend 8 hours or more in some sort of seat forklift/haul truck/loader or whatever. This may not be the case in Coal Mines in Kentucky, but as you can tell from the pictures many of the workers in mining are not in peak physical condition.
Even in the positions that were physically demanding your body "adjusts" to the workload and it becomes rather similar to sitting in front of a computer basically you go into periods of "auto-pilot" and then other times it was somewhat mentally demanding.
Most mining operations are heavily automated requiring at least some knowledge of I.ndustrial C.ontrol S.systems ICS/SCADA is somewhat of a programming work flow. If this valve is open turn on this other valve once this sensor is tripped turn off this motor and close this valve. From a very simplistic manner this is similar to binary logic.
At least from what I have experienced infosec is very mentally challenging, but it is not a constant demand there are definitely periods where I am in auto-pilot. The best solution for me having gone to a sedentary work life is to walk to work, drink lots of water at work (make you get up to pee alot) and to take walks at lunch.
Absolutely anecdotal. This article nor myself never stated that "the entire out-of-work blue collar worker population" can or even would want to make the jump. Many of these blue collar workers can move into other industries it just so happens that programming is becoming more of a trade skill than an engineering one. There is currently a demand for highly skilled CS engineers. However, the jobs that do not require CS skill sets per se, but rather require "coding" skills are becoming more abundant.
Really my "coding" skills have helped me in other areas opening my eyes in new ways to automating my skill set. One of the best testaments to this was talked about by Zed Shaw http://learncodethehardway.org/blog/MAY_15_2012.html Basically stating that programming is a supplement to other skill sets. The majority of these programming bootcamps/workshops are geared towards onramping rapidly to jobs that would not typically qualify as engineering positions. These jobs typically require whiteboard interviews, but once you actually get on the job your programming skill set is not nearly as utilized as it was during the interview. While I cannot quantify this supposition it would be really difficult to get a company to admit or supply data stating that they interview for rock stars, but have you do "janitorial" code work in reality.
Where the Bloomberg article most failed is stating that they "cannot" learn to code. Pretending that becoming a developer/engineer/coder requires some minimal level of IQ, even the IQ standard is hotly debated, is ridiculous. Just as any other skill set it just requires dedication and commitment.
After eight years in mining I made the jump to coding. However, my coding quickly changed to infosec. So definitely miners can make this jump. This is highly biased, but I would say that many blue collar workers bring a very different work ethic as compared to other workers in the software industry. Miners especially have a comradery that I have not heard of in other industries. In addition to this 80+ hour work weeks were definitely the norm in many mining industries. This type of work ethic has somewhat set me apart from many of my peers.
Can you cite "all Android devices affected"? Cannot find this particular quote in this or any other article. Also what bug report? I found this article and other articles cited, but no bug report from Google or the researcher as of yet.
The article does state "The vuln being in recent version of Chrome should work on all Android phones;" which is factually correct.
This is a "Chrome" bug in so much as the Chrome browser uses the V8 Javascript engine. However, this particular bug could have other consequences as it is stated in this article and others that the bug in fact occurs in the V8 Javascript Engine which is used in Nodejs, Mongo and others.
What is the logic to responding to security disclosures like this? In the reddit world this is called shit posting. Security bug A affects product B (or c-f) someone always responds at least I use g or h on z! Thus, I am immune from this particular security issue! Genuinely interested in why anyone bothers posting this non-sense.
One thing I really liked about the write-up is the thoroughness that everything was explained. Nothing was assumed. The author explains what burp is why it was used. Broke down the basics in a high level and the touched on the simple things. Showed exploits in multiple frameworks. Really a well done article just from a write-up perspective let alone the impact of the issue.
It would seem we are missing each other's. "Club's impose structure, safety rules etc" given this and other automated drones the imposition of structure and safety rules is/can be written into the software. There has been mention of providing no-fly zones that people could register and given a companies interest in brand preservation the drones would respect the no-fly zones as long as untampered with. However, I do understand the risk to life issues that need to be confronted. I just wouldn't leap to the conclusion that there is a mass of people buying drones, acting irresponsibly, and inciting a heavy regulation of all hobby level flying.
While acknowledging the fact that drones being operated by "morons" do not amount to safe. Could you fill me in on what safety features a 3k copter offers over one of these smaller and arguably less threatening drones. Googled a couple "high dollar" copters most seemed to be in range of ~4kg range with large fixed carbon fiber blades as opposed to (in this particular case) a 3 pound object with collapsible polycarbonate blades. Honestly seeing this trend of "automated" drones the only human controlled factor of idiocy would be removed in part due to the automated nature of this drone, this would seem to favor a trend towards safer operations.