Nuclear Monster

  • Chuck Jones writing in the Washington Post:

    At the Carrier plant on the west side of Indianapolis, we’re coming up on a bitter anniversary. One year ago this week, President-elect Donald Trump stood before hundreds of cheering workers and declared that he had saved our jobs from moving to Mexico. It was a symbolic moment that cemented Trump’s campaign image as a working-class champion — a blue-collar billionaire who would stand with workers, not CEOs.

    I have been a worker at the Rexnord plant in Indianapolis for 48 years, and president of United Steel Workers Local 1999 for more than 30. As the leader of the union representing the Carrier workers, I was part of the negotiations with the company regarding the coming layoffs when Trump intervened. Standing in front of the president-elect at Carrier during Trump’s first victory rally after the 2016 election, I realized that he was delivering a powerful message of hope not only to Carrier workers, but also to all working people in America: You finally have a president who will fight for the interests of ordinary workers, Trump seemed to say.

    A year later, we feel betrayed. Carrier has announced that more than 600 workers are being laid off, with the last line scheduled to work their final shift right after the holidays.

    The workers at Carrier aren’t the only ones who feel victimized by Trump’s false promises. United Technologies, Carrier’s parent company, is laying off another 700 workers right up the road from the Carrier plant in Huntington. And Rexnord, another plant in Indianapolis, just closed its doors, too. Workers at both plants hoped that Trump would come to the rescue, but he never showed up.

    Keep reading.

  • Apple has another serious software flaw, this one isn’t a security vulnerability but it causes some iOS devices (iPhones, iPads) with third-party apps installed that use local notifications to get stuck in a reboot loop on December 2nd. iOS 11.2 is out now and resolves the issue along with adding other features like Apple Pay Cash to send money to your friends and family, and resolves other issues. If you’re already experiencing the reboot loop then Apple has some steps for you to do before updating.

    Other workarounds include setting your time back by a day or disabling notifications for the apps that cause it, but it’s better to just update.

    Some people have an idea that staying on an older version of the software is more stable or more secure, this is always a bad idea in our day of networked devices that are constantly under attack from governments and other bad actors.

    It must really be crappy to be on the teams responsible for these issues this week but it’s difficult to blame anyone specifically for them. With the root exploit it looks like a reasonable mistake that could happen to anyone. We don’t have all the details of the December 2nd bug yet, but both of these issues require an extremely specific set of things to go wrong before they happen. I have no doubt that Apple’s QA processes will change to include testing for these kinds of issues, but there isn’t any perfect software. What they have done well is the delivery mechanism for getting those updates out to users.

    When Android has issues like these they are difficult to resolve because so many different companies have to get involved in order for updates to get released to end-users. I don’t envy anyone trying to resolve that issue at Google.

     

  • Go to the Updates tab in the Mac App Store to apply it now, you won’t even need to reboot. Apple has more details about the update at this link.

    Here’s the post from yesterday with the details of the vulnerability.

    Update:
    If you have any trouble with file sharing after applying this security patch Apple has another fix for that, oops.

  • There’s a vulnerability in the latest version of macOS High Sierra (10.13.1) that may let anyone with physical access to a Mac log in and gain system administrator (root) access. Or, if they already have an account, upgrade their access to the system administrator (root) level.

    You can work around the issue by setting a root password as described in this support document from Apple. They’re working on fixing it.

    The vulnerability works like this:

    1. At any login or a privilege escalation dialog a user types in the username root
    2. The user hits the login button or enter a few times in quick succession
    3. The system enables the root user account and assigns it no password.

    This is incredibly bad for Apple to have a vulnerability this easy to exploit, and it’s ridiculous that it was also apparently publicly available on Apple’s developer forums weeks ago.

  • With most fan-made productions you’re kind of left to go “oh it’s good… for a fan show.” That isn’t the case for Star Trek: Continues’ continuation of Star Trek’s original series. Continues is better than the new reboot movies, it’s also better than many of the shows after Deep Space 9. This show’s cast is excellent, the episodes are entertaining and have just the right amount of morality while still leaning into what made TOS so good.

    Unlike Discovery you won’t have to subscribe to CBS’ crappy streaming service to watch Star Trek: Continues. Above is their playlist that has the full run of the show for free.