IphtashuFitz

IphtashuFitz , 11 days ago

That’s an optional software upgrade. It’ll cost you $12.95 a month.

IphtashuFitz , 11 days ago

Just support contactless payments. Then people can just tap their phone, Apple Watch, credit card, etc.

This sounds to me like a solution looking for a problem…

IphtashuFitz , 12 days ago

Tesla has both a gigafactory and a Supercharger factory in mainland China. Any semi-competent CEO would recognize that publicly advocating for tariffs on China would have a good chance of backfiring. China could easily turn around and slap 100% tariffs on everything coming out of those two factories in retaliation.

IphtashuFitz , 12 days ago

My only problem is our driveway is 700 feet long, uphill & through trees. I seriously doubt my WiFi reaches it…

IphtashuFitz , 12 days ago

Doesn’t prevent Amazon from occasionally sticking smaller packages in our mailbox…

IphtashuFitz , 17 days ago

Once the infrastructure (conduit, circuit breakers, cable, etc.) is in place then swapping out the charger at the end of it is pretty much trivial.

IphtashuFitz , 25 days ago

Personally I’d call that a safety issue. A few years ago my wife and I were driving a rental car that was rear ended on the highway by a drunk driver. The impact caved in the left rear wheel and spun us 360 degrees across 3 lanes of the highway. Within a few seconds of coming to a stop an OnStar person was talking to us, asking if we were ok and confirming our location.

We had no clue ahead of time that the rental car had one of these services, but at that moment we were very happy it did. I honestly have no idea about the privacy ramifications, etc. but having been through that experience I’d think long and hard about disabling it outright. I do take my privacy seriously, but I’d have to weigh that against the safety of me & my family in that kind of situation and disable it only as an absolutely last resort… Just my own personal $0.02 on the matter.

IphtashuFitz , 30 days ago

That truly depends on how secure Ecobee made it… I’ve seen some smart devices that use SSL (https) for all communication and do some sort of certificate authentication, making it virtually impossible to decrypt its communication protocol without a valid private key…

Having said that, it’d be nice if Ecobee took the initiative and opened up these older devices, if they could do so without comprising the security of all their others.

IphtashuFitz , 30 days ago

• The AI will shut off before an impending accident just to transfer the blame onto the human.

I may be mistaken but I thought a law was passed (or maybe it was just a NHTSA regulation?) that stipulated any self driving system was at least partially to blame if it was in use within 30 seconds of an accident. I believe this was done after word got out that Tesla’s FSD was supposedly doing exactly this.

IphtashuFitz , 1 month ago

I own a Tesla and was offered 30 days of free full self driving. I refused to try it for a number of reasons.

• The routing in the navigation system has numerous issues like thinking it can’t turn left at intersections where you actually can. It results in less than optimal routes, and there’s no way to report those sorts of issues.
• FSD relies on the same camera system that Autopilot (traffic aware cruise control) uses. I’ve had Autopilot slam on the brakes for no obvious reason, swerve to avoid nothing, etc. If it has issues like that then chances are FSD will be just as bad.
• The cameras are also used to control the automatic windshield wipers, and they can turn on without warning in bright sun, etc.
• Same with the auto high beams, which are required by Autopilot & FSD. I refuse to use them because they can turn on & off a lot when there are cars approaching me.
• I regularly get alerts that cameras are obscured by bright sun, low sun in the sky, etc.

In other words, the systems that FSD rely on are clearly still buggy. So I refuse to use FSD until it’s clearly demonstrated the bugs in those systems are fixed.

IphtashuFitz , 1 month ago

I thought Congress reacted to this by passing a law that states a self-driving system is at least partially responsible if it was in use up to something like 30 seconds before a crash…

IphtashuFitz , 1 month ago

Our house has 5 heating & 2 AC zones that I installed Ecobee thermostats on. Three rooms also have skylights that can be opened. When we open the skylights the thermostats all turn off, and when closed they turn them back on to the mode they were previously set to.

Our house is set back in the woods on a long driveway. When either me or my wife arrives home after dark all the driveway / walkway lights turn on. And when we’re both away they all turn off.

I also have a “bedtime” button on my phone that turns off all the lights, locks the doors, turns off our WiFi speakers, puts all the Ecobees into sleep mode, etc.

IphtashuFitz , 1 month ago (edited 1 month ago)

What's confusing about it? A recall in the automotive world has a very specific definition, and it covers not only software related issues but hardware related ones as well.

The National Highway Traffic Safety Administration (NHTSA) is a part of the US Department of Transportation, and they publish a 20 page pamphlet that describes what a recall is. Here are the relevant parts from that brochure:

The United States Code for Motor Vehicle Safety (Title 49, Chapter 301) defines motor vehicle safety as “the performance of a motor vehicle or motor vehicle equipment in a way that protects the public against unreasonable risk of accidents occurring because of the design, construction, or performance of a motor vehicle, and against unreasonable risk of death or injury in an accident, and includes nonoperational safety of a motor vehicle.” A defect includes “any defect in performance, construction, a component, or material of a motor vehicle or motor vehicle equipment.”
Generally, a safety defect is defined as a problem that exists in a motor vehicle or item of motor vehicle equipment that:

• poses a risk to motor vehicle safety, and

• may exist in a group of vehicles of the same design or manufacture, or items of equipment of the same type and manufacture.

Furthermore:

The National Traffic and Motor Vehicle Safety Act gives NHTSA the authority to issue vehicle safety standards and to require manufacturers to recall vehicles that have safety-related defects or do not meet Federal safety standards.

In other words, federal law gives NHTSA the authority to issue recalls for any defect that is considered a safety defect. There is no qualifier for it having to be mechanical in nature.

I've had software-related recalls issued for both a Toyota and a Honda that I used to own. The Toyota one resulted in them sending me a USB stick in the mail and telling me how to install it in the car (basically plug it into the entertainment system and wait). The Honda one required a trip to a dealer to update the software in the ECU to prevent the cars battery from dying due to the alternator being disabled improperly. Just because these were software related in no way means they weren't recalls. They were both mandated by NHSTA, both resulted in official recall notices, etc.

Edit: Just for fun you might want to go to https://www.nhtsa.gov/recalls and do a search there. If you enter "Tesla" in the field for "VIN or Year Make Model" you can browse all their recalls. The very first one on this page is titled "Incorrect Font Size on Warning Lights". That's most definitely a software recall. It's assigned NHSTA recall #24V051000, and they list the affected components as "ELECTRICAL SYSTEM". If you read further it also shows the remedy was an over-the-air software update.

IphtashuFitz , 1 month ago

By your logic, the software bug in my Honda’s ECU would be called a recall because it required me going to a dealership and having them perform the software update. An owner can’t simply download and install ECU updates themselves in the vast majority of cases.

But then by your same logic the software update that Toyota mailed to me on a USB stick for my Prius shouldn’t be called a recall because I was able to plug the USB stick into the car myself. The only reason Toyota mailed that USB stick to me and thousands of other Prius owners is because they were legally required to fix a software bug identified by NHTSA in a recall notice. Toyota decided the USB approach was better than having all of us drive to dealers to have them apply it.

And the various over-the-air software updates that Tesla, Rivian, and others shouldn’t be called recalls either by your same logic.

Why cause confusion over calling software updates different things based solely on who installs it and/or how it’s installed? In all these cases NHTSA received reports about a safety issue, opened a formal investigation, and ultimately issued a legally binding directive to the manufacturer that required them, by law, to address it. That legally binding directive is a recall notice, and it can apply to software that you have to visit a dealer to install, or to software the owner can install, or to software the manufacturer can install automatically.

That entire process is what makes something a recall. Not how it’s addressed in the end.

IphtashuFitz , 1 month ago

But they are NOT different things. In every one of these examples:

1. A safety issue is identified
2. NHTSA opens an investigation
3. The cause of the issue is identified by the manufacturer and reported back to NHTSA
4. NHSTA approves the proposed remedy
5. The manufacturer sends the recall notice along with instructions on the remedy to all known vehicle owners, as required by NHTSA

The only thing that is different in this entire process is how the remedy is applied. Every single step other than that is identical.

IphtashuFitz , 1 month ago

You died every week (from diabetes)?

IphtashuFitz , 1 month ago

I got royally screwed by the federal government personnel data breach that happened a number of years ago. As a result I have free identity theft monitoring with a really good company for the foreseeable future.

IphtashuFitz , 1 month ago

Cloudflare, like Akamai and others, provides a number of services that include proxying, CDN, web security (WAF), bot detection & protection, image optimization, and more.

Cloud providers like AWS, Google, and MS provide similar services as well, but typically to a lesser extent. I’ve worked with Akamai, Cloudflare, and AWS, and find Akamai’s to be the most powerful/flexible/customizable.

IphtashuFitz , 2 months ago

I’m really impressed with the breadth of devices homeassistant supports. It tracks the location of me & my wife via our iPhones. When we arrive at home after dark it turns on the exterior lights via zwave. We have 4 WiFi enabled ceiling fans from Big Ass Fans it can control, along with our Ecobee thermostats. Our washer & dryer use Insteon IOLinc modules to notify us when cycles are done. And in a few months we’re having a solar system & Powerwall installed, both of which have home assistant integrations as well.

IphtashuFitz , 2 months ago

That’s yet another reason to use a DNS as blocker, and not let your browser use DNS over https.

I haven’t done it myself yet, but I figure that sooner or later I’ll need to update my router to block all outbound DNS that doesn’t go through my DNS ad blocker. Some devices try to use their own hardcoded DNS to get around them…

IphtashuFitz , 2 months ago

A multi-layered approach is the best approach. My pi-hole blocks advertising domains, malware domains, etc. That helps tremendously with all the “smart” devices that include DVRs, streaming devices, etc. where you can’t install something like ublock. I also make sure something like ublock is installed wherever possible.

IphtashuFitz , 2 months ago

DNS blocking is about the only way to block ads & tracking on things like streaming devices. You can’t install Firefox or uBlock on an Apple TV for example. You can block ads on many of the apps on the Apple TV as well as all the telemetry they try to collect with a well configured pi-hole and selected DNS blocklists.

IphtashuFitz , 2 months ago

Be careful what you ask for and how any laws are written. I knew a guy who became a paraplegic after a helicopter accident. He actually walked away from the accident but months/years later damage to his lower spine caused a blood clot that rendered him largely unable to use his legs.

He was wheelchair-bound when I met him, but one day a few years down the line I walked into a room to find him standing & walking. He told me he had even been able to climb a ladder to replace a light bulb. He’d been on a medical trial that was clearly promising. Unfortunately side effects piled up, he had to stop the trial, and he again ended up in a wheelchair.

Granted this wasn’t the same as a medical implant trial, but if strict laws are enacted that required companies to support medical devices, drugs, etc. then I’d be very afraid of the impact it would have on research and trials like these. No company is going to want to risk lawsuits, etc. so they’ll just stop innovating, or at least cut back a huge amount.

IphtashuFitz , 2 months ago

Worse, what happens if cybercriminals are able to successfully steal a large number of the countries bitcoin, or if they somehow lose access to their bitcoin wallet(s)?

IphtashuFitz , 3 months ago

https://www.uspis.gov/wp-content/uploads/2019/05/USPIS-FAQs.pdf

Per #4 they need a warrant to open first class mail only. All other mail they can open without a warrant.

If it’s first class and they think the contents violate federal law then they can get a warrant. I doubt many legitimate pharmacies etc. ship pills via first class, and certainly not with a bogus return address. If they saw a pattern of that I would expect a warrant wouldn’t be too difficult to get.

IphtashuFitz , 3 months ago

20+ years ago I managed the installation of a high performance compute cluster purchased from IBM. Their techs did all the initial installation and setup, right down to using their well known default password of “PASSW0RD” (with a zero for the ‘o’) for all root/admin accounts…. It took less than 20 minutes for it to be compromised by an IP address in China.

At least other vendors like HP use random root/admin passwords printed on cards physically attached to new equipment…

IphtashuFitz , 3 months ago

Years ago I worked for a company whose servers were in a highly secure facility. I had to pass through a “person trap” to get in, which required three independent things to get through: something you have, something you know, and something you are.

Imagine a booth about the size of a phone booth, with doors on both sides. To open the outer door you need a card key. Once inside the outer door closes. To open the inner door you need to put your hand on a hand scanner, then enter a PIN. Only then will the inner door unlock and let you inside. I was told that the booth also weighed you and would refuse to let you through if your weight was something like 10% different from your last pass through. That was to prevent other people from piggybacking through with you.

Lots of people think that’s all overkill until I explain that it’s all to ensure an authorized person, and nobody else, could get through. A bad actor could steal my card key & might guess my PIN, but getting around my hand scan & weight would be extremely difficult.

The closer we get to this sort of multi-layer authentication with websites the happier I am. I want my bank account, etc. protected just as well as that data center…

IphtashuFitz , 3 months ago

Exactly. See my reply in another thread where I describe a “person trap” that I used to go through to get into a secure facility. Its biometric check analyzed the geometry of your entire hand. It wasn’t just a fingerprint scanner.

IphtashuFitz , 3 months ago

I never screwed up entering my PIN or failed my hand scan, so the trap door never opened up while I was in it…

IphtashuFitz , 3 months ago

How many gas powered cars can go 1000km without refueling?

IphtashuFitz , 3 months ago (edited 3 months ago)

After driving non-stop for 200+ miles I’m more than happy to take a break for 15-30 minutes to stretch my legs, hit the bathroom, grab some food, etc. My wife and I have done precisely this on multiple road trips that we’ve taken in our EV.

IphtashuFitz , 3 months ago (edited 3 months ago)

Quora was just Ask Jeeves 2.0… Both relied on human “experts” and neither could figure out a long term monetization plan.

IphtashuFitz , 4 months ago

I use .home for my home network…

IphtashuFitz , 4 months ago

Hate to break it to you but all the major CDN providers do the exact same things. My employer runs multiple websites mainly for US and European users. We use Akamai for both CDN and WAF services. For any CDN and/or WAF to operate properly it needs access to unencrypted content. Part of Akamais WAF tools includes what they call Bot Manager, which can identify traffic coming from over 1000 known bots and can also classify unknown ones. Part of how it works is by browser fingerprinting as well as TLS session fingerprinting and other proprietary fingerprinting.

So any time you visit a large website you’re likely being fingerprinted and otherwise analyzed by the CDN and security tools used by those sites.