With electrically actuated brakes the default power off state is fully engaged. Meaning if the power dies the brakes lock up. That causes it's own issues, obviously, but a sudden deceleration is better than no deceleration at most road speeds.
edit: as formerlyproven below states, the ones currently for sale also have a hydraulic backup.
Brake by wire passenger car brake systems are still hydraulic... and all of them have a mechanical backup. There is not a single car on the market today using electromechanical brakes.
Unless you're talking about electric parking brakes in a thread about ABS.
Stop blaming the reporter. Start asking kernel to fix their process. Linux kernel is no longer a toy project, it has full time employees employed by various companies. They should have handled notifying distributions. Not some rando.
Look, if they namedrop specific distros in their announcement (marketing) blog post as affected, I think a heads-up before publishing that is appropriate and expected.
I don't think they would have gotten as much flame if it weren't for how the RHEL 14 mention and such were put.
This is a security company with a professional(?) communications department banking on pointing fingers at distro maintainers. We are not talking about solo security researchers or academics here.
Exactly. Any security person absolutely KNOWS that the distros are still going to be vulnerable. They're exploiting this process loophole to knowingly cause chaos and gain notoriety.
At this point this is not really white-hat/ethical hacking anymore.
Ofc the kernel-distro security loophole is stupid and should be patched ASAP, but that doesn't absolve this company of wrongdoing.
Linus should take his trademark autistic rage where he calls other peoples code "dogshit" onto his own work for once. He likes the glory of leading the kernel development but not the responsibilitys like this.
No, I will. The distros and the kernel devs should be talking and moving on high sev patches, sure. But real people will have gotten hurt because the reporter didn't want to wait for that to happen. That's on them.
It's one thing to report a vulnerability, another entirely to make a crazy exploit available for any tom, dick, and harry to take and use. It was irresponsible of whoever came up with it to release it in the world without first giving major distros a head's up.
Bashing on the reporter is pointless feel-good. This is a massive vuln. It was 4 weeks after Kernel had a patch. They had no way to know if others parties had also discovered the vuln. Lord Knows how many millions of systems could already have been rooted. The reporter is not their minion.
If I call 911 to report a fire at an oil storage facility - and they ask me to alert the hospital, then phone the neighboring county's Sheriff Dept., and then...yeah. Either I'm way out in the sticks (and known to/trusted by the 911 operator), or else the 911 service is run by children.
A proof of concept is a very standard thing to include in a disclosure, almost table stakes nowadays because of the amount of bad reports. Once there's any disclosure there will be exploits developed and published anyway, it's not a meaningful difference.
Making a long distance complex network may be expensive, but to connect directly a few computers one can use 25 Gb/s Ethernet at a reasonable price.
Last time when I checked, dual-port 25 Gb/s NICs were not much more expensive than dual-port 10 Gb/s NICs.
If you have a few computers with no more than a few meters distance between them, you can put a dual-port 25 Gb/s card in each and connect them directly with direct attach copper cables, in a daisy chain or in a ring, without an expensive switch.
No, of course I'm not going to if I choose thunderbolt :). But in many cases it's fine because SSDs aren't nearly as noisy as HDDs, so the NAS can just sit under your desk.
For 40+ GbE or fibre I agree they are expensive, but at least you get full performance out of your system. SSDs aren't cheap these days either...
fiber vs DAC isn't really a cost concern st a home level. a 2m LC patch cable is $5 and used bidi cisco optics $5-10 each. not much more for new optics either.
reply