This sounds like a poorly through plan, especially from a data security perspective, but the credulous tone of the article just really rubs me the wrong way. It's like reading a celebrity gossip...
Exemplary
This sounds like a poorly through plan, especially from a data security perspective, but the credulous tone of the article just really rubs me the wrong way. It's like reading a celebrity gossip magazine but with a veneer of intellectual superiority.
I hate this trend of finding someone to hate and then ascribing moral value to their actions. The moral failing of Musk is not whether or not he thought before moving his servers, it's that he represents the pinnacle of wealth inequality of US - both in terms of the safety net he was afforded when starting out, and the obscene and disproportionate wealth that he has now. It's him being able to avoid paying taxes, or choose to pay taxes only in the way that's most profitable for him. It's the outsized power and influence that he has due to being able to buy an entire media company outright.
Agreed. I don't care if he kicks puppies, I care more than he has the potential to kick a billion puppies if he wants. Don't forget his outsized influence on world politics - Elon Musk's Shadow...
Agreed. I don't care if he kicks puppies, I care more than he has the potential to kick a billion puppies if he wants.
Don't forget his outsized influence on world politics - Elon Musk's Shadow Rule - new Yorker Aug 2023. He can cripple the entire Ukraine offensive instantly if he so chooses to disable starlink. That's not something that should be able to be done by someone unelected, and someone known to be very friendly with Vladimir Putin.
I like how this is phrased in present hypothetical tense, when he's bound by DoD contract now and has already crippled a Ukrainian offensive once, before he signed the contract.
He can cripple the entire Ukraine offensive instantly if he so chooses to disable starlink.
I like how this is phrased in present hypothetical tense, when he's bound by DoD contract now and has already crippled a Ukrainian offensive once, before he signed the contract.
Agreed on the tone of the article. Hell, if this was an empty server and the only people involved were people who freely (emphasis on that word) agreed to give it a whirl, I'd be all for it....
Agreed on the tone of the article. Hell, if this was an empty server and the only people involved were people who freely (emphasis on that word) agreed to give it a whirl, I'd be all for it. Frankly, my own family has done similar hairbrained moves. Problem is, my family doesn't run a Fortune 500 company (or in this case, my family didn't already have that, and then also buy a massive company handling personal data). They're not people Isaacson will write a biography about, people who can affect the course of global events at the drop of a hat, or with a single tweet. I'd have no issue with Cousin Elon being two steps above Ricky trying to rob an ATM if his influence wasn't so mind-boggingly massive.
On the one hand I always question the 3rd and 4th hand telling of these articles, on the other...yeah this sounds about right. I'll easily admit that the "spirit" musk embodies here (fuck it'...
On the one hand I always question the 3rd and 4th hand telling of these articles, on the other...yeah this sounds about right.
I'll easily admit that the "spirit" musk embodies here (fuck it' there's too much bs, just do it) has some merit. There are LOTS of things that wind up dressed up in obscene amounts of pomp and circumstance that needn't exist.
Moving critical servers, likely violating the server companies procedures and FTC protocols, is NOT one of those situations.
This is sadly why so many people love him though. He won't put up with what he sees as BS, and yep sometimes hes right on the money, but that sure seems to be more coincidence than savvy. The more he's involved with his products the worse they are.
Does he? He spent cash he didn't have, buying Twitter. If Twitter goes bankrupt and he gets sued, then he'll have to burn Tesla stocks, and if he does that too much then Tesla could crash and then...
He's just got the cash to cover his ass.
Does he? He spent cash he didn't have, buying Twitter. If Twitter goes bankrupt and he gets sued, then he'll have to burn Tesla stocks, and if he does that too much then Tesla could crash and then the loans he's used Tesla stock as collateral for would come due, and then he'd be truly fucked.
Or perhaps just broadly: does Elon Musk strike you as a prudent financial steward?
He's the son of a very wealthy diamond mine owner, the sad reality is... yeah, he's got the cash to cushion him even if it all goes wrong. I did some consulting work at a startup over Covid. The...
He's the son of a very wealthy diamond mine owner, the sad reality is... yeah, he's got the cash to cushion him even if it all goes wrong.
I did some consulting work at a startup over Covid. The owner spaffed the business down the drain and it closed the place down after taking a massive salary payout leaving the business £51M in debt. He walked away and lives got ruined.
His daddy, a Lord... protected him by paying the legal fees.
The Rich don't go broke the same as you or I alas. So they get away with murder when they actually work.
Don't get me wrong, I'd give my left nut to see that nazi-sympathising fuckstain on the streets. But it's thinking that will never happen because of his connections.
If we behave like that our neck is on the line. If C-Suite behaves like that, our neck is still on line. It’s only when investors get fed up do they get thrown out of the company. But even then,...
If we behave like that our neck is on the line. If C-Suite behaves like that, our neck is still on line. It’s only when investors get fed up do they get thrown out of the company.
But even then, they resign and then either run their scam at another company or enter soft retirement and pretend to be a consultant.
Martha Stewart leads me to believe that even if they’re a known sheister they’ll still find somebody to fleece out of their money.
Spot on. I've seen C-Suite act like entitled children and get away with it. My current boss is one step in the C-Suite and a Directorship, he constantly acts like a child when things don't go his...
If we behave like that our neck is on the line. If C-Suite behaves like that, our neck is still on line. It’s only when investors get fed up do they get thrown out of the company.
Spot on. I've seen C-Suite act like entitled children and get away with it.
My current boss is one step in the C-Suite and a Directorship, he constantly acts like a child when things don't go his way (Bullying, Passive-aggression, Silent Treatment). But if you get frustrated back... then you're being "very emotional" and it gets exhausting to deal with these grownup children and their selfishness.
But even then, they resign and then either run their scam at another company or enter soft retirement and pretend to be a consultant.
Quick sidebar: is the below quote claiming that Twitter doesn’t encrypt sensitive data at rest? I’m trying to interpret it other ways: I could imagine wanting to put tamper evident seals on the...
Quick sidebar: is the below quote claiming that Twitter doesn’t encrypt sensitive data at rest? I’m trying to interpret it other ways:
The servers had user data on them, and James did not initially realize that, for privacy reasons, they were supposed to be wiped clean before being moved.
I could imagine wanting to put tamper evident seals on the physical hardware to avoid any modifications being made in transit, but turning the server off for transport should clear any keys resident in memory, no? Making the drives completely worthless anyhow.
Thank you for the insight, I had no idea you could do that. I'd like to think they were using it, but let's not forget we're talking about this company (if paywalled can be bypassed by disabling...
Thank you for the insight, I had no idea you could do that. I'd like to think they were using it, but let's not forget we're talking about this company (if paywalled can be bypassed by disabling javascript).
Good point! I would hope that they’d either use a TPM (unlikely), or use something to prevent the page containing keys from getting swapped out (apparently that’s SHM_LOCK? Although admittedly I...
Good point! I would hope that they’d either use a TPM (unlikely), or use something to prevent the page containing keys from getting swapped out (apparently that’s SHM_LOCK? Although admittedly I haven’t implemented this sort of code before)
it's more complicated than "encrypted yes/no" - it's a question of "where do the keys live, and how are they accessed?" with the servers in my homelab, I have them set up so that when they boot, I...
it's more complicated than "encrypted yes/no" - it's a question of "where do the keys live, and how are they accessed?"
with the servers in my homelab, I have them set up so that when they boot, I ssh in to their boot ramdisk and type in a passphrase. at the scale of a company like Twitter, this isn't really feasible, it has to be automated in some way.
one option is for the drives to be encrypted, with the encryption key stored on the server (usually within the TPM or a similar custom-built security chip). this ensures that if the drives are removed from the server, the data can't be accessed. but if an entire server is recovered by an attacker, they would be able to decrypt the data on the drives.
the other big option is for the encryption key to be stored off the server, somewhere else in the datacenter. the challenge then is that the server needs a key or certificate of some kind that allows it to authenticate to the central key-management server and convince it that it should be sent the necessary keys. in this case, an attacker who recovers an entire server still possesses a key that can allow them to request the encryption keys from the central server.
and even though the latter option is "more secure" in some ways, in the scenario here, Twitter was migrating an entire datacenter - so even if they used some sort of centralized key-management setup, those servers were presumably also unwiped and in transit along with the rest of them.
This sounds like a poorly through plan, especially from a data security perspective, but the credulous tone of the article just really rubs me the wrong way. It's like reading a celebrity gossip magazine but with a veneer of intellectual superiority.
I hate this trend of finding someone to hate and then ascribing moral value to their actions. The moral failing of Musk is not whether or not he thought before moving his servers, it's that he represents the pinnacle of wealth inequality of US - both in terms of the safety net he was afforded when starting out, and the obscene and disproportionate wealth that he has now. It's him being able to avoid paying taxes, or choose to pay taxes only in the way that's most profitable for him. It's the outsized power and influence that he has due to being able to buy an entire media company outright.
Agreed. I don't care if he kicks puppies, I care more than he has the potential to kick a billion puppies if he wants.
Don't forget his outsized influence on world politics - Elon Musk's Shadow Rule - new Yorker Aug 2023. He can cripple the entire Ukraine offensive instantly if he so chooses to disable starlink. That's not something that should be able to be done by someone unelected, and someone known to be very friendly with Vladimir Putin.
I like how this is phrased in present hypothetical tense, when he's bound by DoD contract now and has already crippled a Ukrainian offensive once, before he signed the contract.
Since Musk has consistently flouted other contracts and agreements he is a party too, I’d say this is still a pretty valid concern.
Agreed on the tone of the article. Hell, if this was an empty server and the only people involved were people who freely (emphasis on that word) agreed to give it a whirl, I'd be all for it. Frankly, my own family has done similar hairbrained moves. Problem is, my family doesn't run a Fortune 500 company (or in this case, my family didn't already have that, and then also buy a massive company handling personal data). They're not people Isaacson will write a biography about, people who can affect the course of global events at the drop of a hat, or with a single tweet. I'd have no issue with Cousin Elon being two steps above Ricky trying to rob an ATM if his influence wasn't so mind-boggingly massive.
Welcome to every article about Musk recently. It's so tiring.
On the one hand I always question the 3rd and 4th hand telling of these articles, on the other...yeah this sounds about right.
I'll easily admit that the "spirit" musk embodies here (fuck it' there's too much bs, just do it) has some merit. There are LOTS of things that wind up dressed up in obscene amounts of pomp and circumstance that needn't exist.
Moving critical servers, likely violating the server companies procedures and FTC protocols, is NOT one of those situations.
This is sadly why so many people love him though. He won't put up with what he sees as BS, and yep sometimes hes right on the money, but that sure seems to be more coincidence than savvy. The more he's involved with his products the worse they are.
He's just got the cash to cover his ass. If you behave like that in any organisation, your neck is on the line.
Does he? He spent cash he didn't have, buying Twitter. If Twitter goes bankrupt and he gets sued, then he'll have to burn Tesla stocks, and if he does that too much then Tesla could crash and then the loans he's used Tesla stock as collateral for would come due, and then he'd be truly fucked.
Or perhaps just broadly: does Elon Musk strike you as a prudent financial steward?
He's the son of a very wealthy diamond mine owner, the sad reality is... yeah, he's got the cash to cushion him even if it all goes wrong.
I did some consulting work at a startup over Covid. The owner spaffed the business down the drain and it closed the place down after taking a massive salary payout leaving the business £51M in debt. He walked away and lives got ruined.
His daddy, a Lord... protected him by paying the legal fees.
The Rich don't go broke the same as you or I alas. So they get away with murder when they actually work.
Don't get me wrong, I'd give my left nut to see that nazi-sympathising fuckstain on the streets. But it's thinking that will never happen because of his connections.
This doesn't negate anything you said, but his dad owned an emerald mine, not diamond mine.
Ah, must have just lumped him in mentally with the diamond bastards too ha.
Thank you for the correction.
Not sure that's the case anymore as he refinanced the loan.
This sounds like a dream come true, tbh.
If we behave like that our neck is on the line. If C-Suite behaves like that, our neck is still on line. It’s only when investors get fed up do they get thrown out of the company.
But even then, they resign and then either run their scam at another company or enter soft retirement and pretend to be a consultant.
Martha Stewart leads me to believe that even if they’re a known sheister they’ll still find somebody to fleece out of their money.
Spot on. I've seen C-Suite act like entitled children and get away with it.
My current boss is one step in the C-Suite and a Directorship, he constantly acts like a child when things don't go his way (Bullying, Passive-aggression, Silent Treatment). But if you get frustrated back... then you're being "very emotional" and it gets exhausting to deal with these grownup children and their selfishness.
Don't forget the golden parachute!
Quick sidebar: is the below quote claiming that Twitter doesn’t encrypt sensitive data at rest? I’m trying to interpret it other ways:
I could imagine wanting to put tamper evident seals on the physical hardware to avoid any modifications being made in transit, but turning the server off for transport should clear any keys resident in memory, no? Making the drives completely worthless anyhow.
If you just pull the plug abruptly, won't there be stuff in swap?
Linux is able to encrypt swap using keys generated during startup. No idea if that was used there, though.
Thank you for the insight, I had no idea you could do that. I'd like to think they were using it, but let's not forget we're talking about this company (if paywalled can be bypassed by disabling javascript).
Good point! I would hope that they’d either use a TPM (unlikely), or use something to prevent the page containing keys from getting swapped out (apparently that’s
SHM_LOCK? Although admittedly I haven’t implemented this sort of code before)it's more complicated than "encrypted yes/no" - it's a question of "where do the keys live, and how are they accessed?"
with the servers in my homelab, I have them set up so that when they boot, I ssh in to their boot ramdisk and type in a passphrase. at the scale of a company like Twitter, this isn't really feasible, it has to be automated in some way.
one option is for the drives to be encrypted, with the encryption key stored on the server (usually within the TPM or a similar custom-built security chip). this ensures that if the drives are removed from the server, the data can't be accessed. but if an entire server is recovered by an attacker, they would be able to decrypt the data on the drives.
the other big option is for the encryption key to be stored off the server, somewhere else in the datacenter. the challenge then is that the server needs a key or certificate of some kind that allows it to authenticate to the central key-management server and convince it that it should be sent the necessary keys. in this case, an attacker who recovers an entire server still possesses a key that can allow them to request the encryption keys from the central server.
and even though the latter option is "more secure" in some ways, in the scenario here, Twitter was migrating an entire datacenter - so even if they used some sort of centralized key-management setup, those servers were presumably also unwiped and in transit along with the rest of them.