2018-02-19

Intel ME OS is Minix3 -Google wants Linux

17.11.6: news.cyb/sec/Intel Mgt Engine OS is Minix3 while Google wants Linux:
2018: summary:
. below the OS level is hypervisor,
and below hypervisor level is
the ME (mgt engine).
. it allows the maker of the pc
to do updates even when power seems off,
as long as there is internet.
. the ME uses the secure Minix OS kernel,
but also includes a web browser,
and other huge amounts of functionality
that you can't get the bugs out of,
so Google suggests replacing it with
a Linux kernel and less functionality.
. this has the potential to be a back door
with which the national security agencies
can better protect us from terrorists
and others who take advantage of privacy.

2018-02-18

@walmart tax cut? buy a better checkout system like @sproutsfm

2017: mis.aq/walmart/@walmart tax cut? buy a better checkout system:
. I frequent the Walmart located at
Kolb & Speedway, Tucson, AZ;
in 2017 I started storing a lot of canned food;
often I would bring 12 or more of the same item;
double charged by cashier?
I'll try my luck at self-checkout;
I double charged me too?!
. the display has only 10 lines
and displays each item on a new line,
instead of using just one line
to show you how many times
you entered the same type of item;
so, it's not obvious from looking at the display
whether or not an item scanned
when you have more than 10 of the same item type.
. it would be easier if the new system would tell you
how many times you entered that item
rather than listing each entry separately
(like occurs when using the cashier
and their one-line display
tells you what just got scanned).
. doing that would also save a lot on receipt paper:
instead of 12 lines of canned greens,
there would be one line saying:
12 x canned greens.
-- @sproutsfm has a system like that,
and it is very easy to check for charging errors;
whereas, on the Walmart receipt,
it lists each item on a separate line,
making the receipt difficult to check
for cashier or machine errors.

2018-02-14

early #AMD reversal with high-dose fish oil #med #blindness

2.12: med/amd/fisho
2.13: summary:
. AMD is a major source of blindness;
studies show that in its early stages,
it can be reversed with fish oil;
and that a key marker of healing
is there being nearly as much EPA
as the body has of AA;
fish oil supplements vary in EPA;
eg, le caps have 0.35g of EPA;
along with EPA from fish oil,
you also need to lower AA levels:
keep insulin low (avoid grains and sugars);
limit omega-6 oils and most of all
be wary of AA in fatty animal products,
especially eggs and chicken.
if you get all your fish oil from fish meat
you also get some AA along with
dioxins, PCB's and mercury].
. AMD reversal was indicated by
the ability to read more letters
on a chart with increasingly smaller letters:
8 more letters at aa/epa ratio of 2-2.7;
[from perhaps 4 le caps per day]
15 letters at aa/epa ratio of 1.1-1.6
[from perhaps 8-12 le caps].
. the study applied the oil in 2 doses.
. rancid fish oil can do more harm than good
so it's important to pick a brand
that is 3rd-party tested for low rancidity
and also has powerful antioxidants
such as rosemary or olive extract.
. when taking high-dose fish oil
you should add more antioxidants,
and also ensure you get some GLA
that is blocked by high-dose DHA
(oats are a source of GLA).

2018-01-16

call for increasing offensive cyber capability

1.3: news.cyb/sec/call for increasing offensive cyber capability:
. the military wants to focus on cyber offense;
the thing to keep in mind with offense,
is it involves placing vulnerabilities
in the hardware that is used internationally;
and that will affect the security of everyone
when those vulnerabilities get out
into the hands of cyber criminals.

apps using #Python may be vulnerable

1.2: news.cyb/sec/lang/python/undocumented methods:
Liam Tung 2017:
IOActive researcher Fernando Arnaboldi
revealed Python has "undocumented methods
and local environment variables
that can be used for OS command execution".
ref:
blackhat presentation:
Exposing Hidden Exploitable Behaviors in Programming Languages
Using Differential Fuzzing:
A differential fuzzing framework was created to detect
dangerous and unusual behaviors in
similar software implementations.
1.16: the paper:
. some Python commands are undocumented because
they are for deprecated functions;
meaning don't use the functions in new code,
but for backward compatiblity we are
keeping the function in place undocumented.
. documentation can be there to warn you
that a function doesn't check its inputs,
so you shouldn't feed it data from an untrusted source.

#Chinese calendar similarities to #Judaism

1.1: web.relig/judaism/Chinese calendar:
. the Chinese calendar has some
similarities to the Jewish calendar:
it is lunisolar, with some holidays on
the 15th (full moon),
eg, the Lantern Festival
is on Chinese calendar's 1.15.
eg, Mid-Autumn Moon Festival (month 8)
[In 2018 it's on September 24th.]
eg, Ghost festival (month 7).
[2018 date August 25]
. but the Chinese year starts differently,
with the new moon near the midpoint
between winter solstice[12.21]
and spring equinox[3.20]
--or the new moon between 1.21 and 2.20
. and the day starts at midnight not sundown.

2018-01-01

#glyphosate exposure from desiccation #cancer

2017.11.4: news.pol/healthcare/glyphosate/
significant glyphosate exposure from desiccation:
2018.1.1: summary:
. increasing glyphosate exposure
may have adverse health consequences
and we are getting a lot more of it
since the 2002 practice of
using glyphosate for killing crops
to make harvesting easier.