Egg (luxury good)
Egg (fine art investment)
Egg (timekeeping device)
Egg (weapons component)
Egg (arcane object from the beforetimes)
Egg (an intensive body, crossed with several zig-zagging lines of vibration, changing its shape as it develops without being compartmentalized through organs)
Egg (platonic)
Egg (linkedin stratagem)
Egg (institution within the EU)
Egg (egg 2)
Egg (theatrical prop)
Egg (de-escalation technique)
Egg (award)
Egg (void)
Egg (inflation driving device)
Egg (controversial SCRUM variant)
Egg (vehicle capable of attaining escape velocity)
Egg (panacea)
Egg (quantum strings made of dark matter)
Egg (library classification system)
Egg (video game controller)
Egg (severance package)
Egg (bro magnet)
Egg (noble house)
Egg (notification)
Egg (tool of international diplomacy)
Egg (contraband)
Egg (phone phobia therapy)
Egg (apocalyptic disco musical)
Egg (dark UI)
Egg (moon)
Egg (green card equivalent)
Egg (malicious compliance)
Egg (GNU/Egg)
Egg (2525 cameo)
Egg (vaccine ingredient)
Egg (acapella vocal edit)
Egg (entry fee)
Egg (egg)

The post You have got to be kidding. appeared first on Indexed.

Loving this deep dive on Hyman Rickover by ChinaTalkand Charles Yang. A couple quotes:

Rickover spent an inordinate amount of time focused on interviewing personnel — he made the final hiring decision for every naval officer who applied to serve on a nuclear submarine until he retired

Another Rickoverian approach was his famous “Quaker meetings”. When disputes arose between the Naval Reactors and the contractor, or when trust had become frayed over too many disagreements and miscommunications, Rickover would send his staff and the contractor staff to a retreat location for a weekend, a week, or however long as needed. They would meet with no parliamentary procedures or formal meeting agenda and simply talk out their issues until they could “deal with each others as individuals, not as spokesman for either organization” and come to a consensus on a path forward and build mutual trust.

Some other themes that stood out:

• Parallel tracking wherever there is risk (technical risk, bureaucratic risk)

• A focus on consensus building

• Focused on finding talent

• Demanding of that talent

• High trust relationships

I’m repeatedly struck by how the leadership style of the generation of Americans that lived through the Second World War. It seems more pragmatic, demanding, and less hierarchical / political.

I was there at the first Atom meeting at the Google offices. We meant so well! And I think the basic publishing spec is good, certainly better technically than the pastiche of different things called RSS.

Alas, a bunch of things then went wrong. Feeds started losing market share. Facebook started doing something useful and interesting that ultimately replaced blog feeds in open formats. The Atom vs RSS spec was at best irrelevant to most people (even programmers) and at worst a confusing market-damaging thing. The XML namespaces in Atom made everyone annoyed. Also there was some confusing “Atom API” for publishing that diluted Atom’s mindshare for feeds.

— Nelson Minar, Comment on lobste.rs

Tags: atom, syndication, nelson-minar, rss

Okay, first off, everybody breathe. Everyone is freaking out. This is not the way to do this.

Right, so, let me try a half-assed analogy here. There's a day care center and a bunch of people send their kids to it. Then one day, someone finds out that they built the playground out of the sharpest materials available. It's not that the playground is from the '70s or something, either. It's relatively new.

Saying "maybe you don't want to send your kids there" is what I did.

Now, so, this is a bad analogy, because I didn't go into details. In this case, I'd rather the world have a chance to turn this stuff off before it becomes known just what all is possible. The nature of this sort of thing means it's a race and I'm on the side of protecting machines for some reason, so I asked people to stop running it.

Now, first off, I don't know exactly how to exploit this sort of thing. I was there in the 90s when this overflow stuff started popping off, and I'm pretty sure that if you can do this, you can do much worse.

This is what I'm talking about:

Terminal 1:

user1$ random-tool

Terminal 2:

user2$ atop
malloc(): corrupted top size
Aborted

... that's pretty bad, right?

So you twiddle the tool a little bit and go again and...

user2$ atop
Segmentation fault

That's not great, either!

Or... how about...

user2$ atop
Fatal glibc error: malloc assertion failure in sysmalloc: (old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)

Again, this is not my world. I've never written a heap exploit, but reading about it briefly makes me think that there's meat on these bones.

user1 does something... and gets user2 to blow up. If you can make that do something useful, then you get user2 to run stuff on your behalf.

What if user2 is root? Then you own the box.

Okay? So maybe stop running it as root, but also just stop running it.

This is an edition of The Atlantic Daily, a newsletter that guides you through the biggest stories of the day, helps you discover new ideas, and recommends the best in culture. Sign up for it here.

The defense of the United States is a serious business. Breaches of national security are especially dangerous. So perhaps I should not have laughed at the reactions of Donald Trump and his staff and Cabinet members to the revelations by The Atlantic’s editor in chief, Jeffrey Goldberg, and staff writer Shane Harris about a group chat on Signal (one that accidentally included Jeff) dedicated to planning strikes on Houthi targets in Yemen.

I laughed because I am a former government employee and Senate staffer with a fair amount of experience in dealing with classified information, and the administration’s position that nothing in the chat was classified is ludicrous. Secretary of Defense Pete Hegseth added a bit of topspin to that position on Monday when he got off a plane in Honolulu and, seemingly in a panic, fulminated against Jeff and tried to deny that any “war plans” were shared in the chat.

Over the next 24 hours, the excuses became even more laughable. National Security Adviser Michael Waltz went on Fox News, accepted “full responsibility,” and called Jeff “scum.” But then Waltz suggested that The Atlantic’s editor in chief had perhaps hacked or schemed his way into the chat, and that this possibility had to be investigated.

What’s funny—again, in an awful way—is that Waltz is the person who invited Jeff into the Signal group. (If you’ve never seen the “hot-dog man” meme, it’s an image of a guy in a hot-dog costume pleading with a crowd to find the person responsible for crashing a nearby wrecked hot-dog car. It’s being used all over social media in relation to this story, and for good reason.) Also appallingly funny is that the president’s own national security adviser doesn’t seem to understand that discussing on an app the details of a U.S. military strike and then admitting that a random person could find himself in the middle of such a discussion—it’s not like he waltzed his way in, if you’ll pardon the expression—makes this whole story even worse.

This morning, the full context of one of the most stunning security breaches in modern military affairs became even clearer when Jeff and Shane released the texts. The messages show that the entire conversation should have been classified and held either in a secure location or over secure communications. (I held a security clearance for most of my career, and I saw information far less specific than this marked as classified.) Hegseth, in particular, was a volcano of military details that are always considered highly classified, spewing red-hot information about the strikes, the equipment to be used, the intelligence collected in deciding on targets, and the sequencing of events.

[Jeffrey Goldberg and Shane Harris: Here are the attack plans that Trump’s advisers shared on Signal]

None of this is funny. If any of this had leaked at the moment Hegseth blathered it over Signal, American servicepeople could have died. (As my friend David French at The New York Times wrote on Monday, if Hegseth had any honor at all, he wouldn’t wait to be fired. He’d resign.)

But I couldn’t help it: I laughed at the reaction of top Trump officials. As I read White House Press Secretary Karoline Leavitt’s grammatically challenged statement, in which she claimed that information included in the conversation was “sensitive” but not “classified,” I thought she was trying to engage in some sort of not particularly convincing parsing. But listening to her briefing later in the day, I realized that Leavitt doesn’t seem to know the first thing about classified information. Unfortunately, apparently neither does Hegseth, nor CIA Director John Ratcliffe, nor any of the other people involved in this mess.

And I’m not the only one laughing. During a hearing today, Representative Raja Krishnamoorthi of Illinois tried to get the director of the Defense Intelligence Agency, Lieutenant General Jeffrey Kruse, to admit that the messages Hegseth sent over Signal did in fact include classified details of weapons systems. Kruse hemmed and hawed, until Krishnamoorthi just chuckled.

That didn’t stop Sean Parnell, the chief Pentagon spokesperson, from putting out yet another howler of a statement today, claiming that the “hoax-peddlers at the Atlantic have already abandoned their ‘war plans’ claim” and that the Signal messages “confirm there were no classified materials or war plans shared. The Secretary was merely updating the group on a plan that was underway and had already been briefed through official channels.”

Either Parnell does not know that this is nonsense or he’s intentionally obfuscating. (The strikes were not, in fact, under way, and American forces would have been more vulnerable to enemy action without the element of surprise. The Atlantic has also not “abandoned” any of the claims in its reporting.) The administration is, in effect, banking on the reality that most people never encounter military terms or classified information, so I’ll explain what it’s like to deal with those kinds of materials under more responsible administrations.

Ratcliffe continues to insist that no classified information was discussed in the chat—despite the fact that he revealed the name of a CIA intelligence officer. (Jeff and Shane, in accordance with a request from the CIA, did not release that one message in this morning’s revelations, another example of how The Atlantic has been more concerned and careful about such matters than Ratcliffe and the other participants in the chat.) The names of intelligence officers are carefully protected, and I’m pretty sure I know the difference here, because I was once married to a CIA analyst. She was an open employee, meaning she could say where she worked. But the agency has many people—and not just spies—who protect their identity, not only to allow them to move more freely in various assignments but also for their own safety.

Indeed, while she and I were dating, the U.S. and its allies launched the first Gulf War in the winter of 1990–91. She worked at Langley with a CIA clearance, and I was on the personal staff of a senator with a top-secret Defense Department clearance. She knew a lot about what foreign countries were doing. I knew a lot about our military movements and the state of the enemy’s forces. We did not discuss classified information with each other even in the privacy of our own homes. We would laugh over dinner because we both had things we wanted to share but couldn’t. We had sworn not to discuss classified information outside a secure environment with people who did not have the appropriate institutional clearances—so, like the two adults we were, we just didn’t. That’s common across the classified world, then and now.

Now, let’s get to those Hegseth texts. The administration apparently thinks that “war plans” and “attack plans” are different, and as a general observation, they are. But that’s because detailed attack plans are vastly more dangerous than almost any other plans if they’re released. “War plans,” a term that doesn’t really have a particular meaning in the world of military documents, presumably refers to some scenario for a hypothetical future conflict, but if Hegseth’s position is that he didn’t release “war plans” and instead released only the details of the imminent movements of U.S. military forces, then he is not only reckless, he also doesn’t understand some basic concepts about defense planning, operations, and national security. Some of Hegseth’s defenders now claim that he’d likely declassified all of these details by the time they appeared in the chat. Declassification is within his power; if he chose to declassify the details before the operation was launched, however, then he is more incompetent than even his critics realize.

[Jeffrey Goldberg: The Trump administration accidentally texted me its war plans]

Think of it this way. Imagine your local police department is trying to deal with the threat from a local drug gang. “We have concerns about this gang” and “We will act to arrest these bad guys” would be unclassified. (Many police departments, by the way, do have intelligence units and produce restricted information.) “Our undercover officers have been watching this house” might be classified: You don’t want the bad guys knowing what you know or how you know it. (These are the “sources and methods” often referenced when talking about such information.) “We are going to execute a warrant at this hour, in this place, with this many people, armed with the following weapons” would be extremely classified. If that information is released early, the gang knows that the good guys are on the way—and might choose to ambush the cops.

Hegseth spilled the equivalent of those details just hours before the strike. Perhaps he didn’t know what he was doing, and he was almost certainly just showing off. But he put lives at risk by transferring information that is always classified at a high level to an unclassified system—the Signal app—one of the basic sins every government employee is warned never to commit when handling such materials. He then splattered that information across a chat to more than a dozen other people who had no need to know any of it. (“Need to know” is a very restrictive condition: Did Hegseth think anyone in that chat was going to pipe up at the last minute and say, “Wait a moment, Pete, maybe we should rethink sending the Tomahawks in after the second strike”?) In any case, “need to know” definitely does not include a reporter added to the chat by accident.

The president said yesterday that no classified information “as I understand it” was included in the chat, inviting some unsettling questions about what the president does and does not understand. (Trump today mentioned “a bad signal”; as CNN noted, he was “apparently conflating the name of the Signal app with an error in the communications.”)

For anyone who has a bit more competence in dealing with classified material, especially during wartime, seeing top defense and intelligence officials be so sloppy, and do things for which lesser mortals would be fired or even prosecuted, is vertigo-inducing. Watching them flail, make excuses, and try to evade responsibility is both nauseating and amusing. But realizing the risks these senior officials took with the lives of American military personnel is enraging—and should be to every sensible American, no matter their party or cause.