Great tip, thanks! I'm really enjoying watching these. Any other resources like this that you would recommend?
And, to expand on that, applying for my EB.
São Paulo, Brazil --> Chicago, IL, USA on a intra-company transferee visa (L1).
Airliners are not a Heroku dyno that you can "push code" into. There aren't APIs you can call, pull requests or Docker containers. We're not talking about a webserver or a couple of rails apps. We're talking about stuff…
Don't you have to call an API?
Oh, they sure do. https://youtu.be/mMvLuUJFHYk
Yeah, but I think that the main message is that there are pilots in the cockpit who can easily override any weird input. Even if it is theoretically possible (hey, you never know, right?) to impersonate avionics and…
It's important to put things to the test, but I tend to listed to people who are actually qualified and know what they're talking about. Even that RenderMan talk at DEFCON 20 came with a bunch of caveats. If you don't…
>This is the issue. Chances are Heroku has a very secure infrastructure, but the world will never know unless it allows various audits to be generated for compliance purposes. Exactly. And, personally, I think this is…
The Heroku situation is more nuanced than it seems. This is not a PCI DSS 3.0 issue. The thing is that Heroku provides a platform and this platform is not PCI DSS compliant (1.21, 2.0, 3.0, you name it) and Heroku is…
QSA here. In a nutshell, I'd say don't. PCI compliance is enforced by the card brands and acquirers, so it's not up to you to raise a flag here. Maybe they have compensating controls in place to address those issues…
And that's why you don't make games that need to be online 100% of the time to function (and charge $60 for it). Also, it should be noted that paying $400 for a console only to be told that you can't use it because some…
I'm just gonna copy & paste my comment on another site about this: As a Brazilian, I can tell you that this is more than moral panic. Those balloons are a major fire hazard. There are many, many instances of fires…
For sure. If you're getting your weather data via METAR/TAF, you should be able to read it :). And one can always resort to this (even though it won't decode everything).…
Well done. I can see this working well for aviation enthusiasts (i.e. X-Plane folks) who like to use real world data. However, METAR/TAF are not the friendliest of formats. Have you considered including a METAR/TAF…
Just upgraded via iTunes (not OTA). No issues whatsoever. iPhone 6 64Gb AT&T.
As Jeremy Clarkson would say... What can possibly go wrong?
Writing "The group simply called “CCC”" when referring to Chaos Computer Club, one of the most important hacker collectives in the world, around for 30+ years and responsible for the largest hacker conf in Europe makes…
Great tip, thanks! I'm really enjoying watching these. Any other resources like this that you would recommend?
And, to expand on that, applying for my EB.
São Paulo, Brazil --> Chicago, IL, USA on a intra-company transferee visa (L1).
Airliners are not a Heroku dyno that you can "push code" into. There aren't APIs you can call, pull requests or Docker containers. We're not talking about a webserver or a couple of rails apps. We're talking about stuff…
Don't you have to call an API?
Oh, they sure do. https://youtu.be/mMvLuUJFHYk
Yeah, but I think that the main message is that there are pilots in the cockpit who can easily override any weird input. Even if it is theoretically possible (hey, you never know, right?) to impersonate avionics and…
It's important to put things to the test, but I tend to listed to people who are actually qualified and know what they're talking about. Even that RenderMan talk at DEFCON 20 came with a bunch of caveats. If you don't…
>This is the issue. Chances are Heroku has a very secure infrastructure, but the world will never know unless it allows various audits to be generated for compliance purposes. Exactly. And, personally, I think this is…
The Heroku situation is more nuanced than it seems. This is not a PCI DSS 3.0 issue. The thing is that Heroku provides a platform and this platform is not PCI DSS compliant (1.21, 2.0, 3.0, you name it) and Heroku is…
QSA here. In a nutshell, I'd say don't. PCI compliance is enforced by the card brands and acquirers, so it's not up to you to raise a flag here. Maybe they have compensating controls in place to address those issues…
And that's why you don't make games that need to be online 100% of the time to function (and charge $60 for it). Also, it should be noted that paying $400 for a console only to be told that you can't use it because some…
I'm just gonna copy & paste my comment on another site about this: As a Brazilian, I can tell you that this is more than moral panic. Those balloons are a major fire hazard. There are many, many instances of fires…
For sure. If you're getting your weather data via METAR/TAF, you should be able to read it :). And one can always resort to this (even though it won't decode everything).…
Well done. I can see this working well for aviation enthusiasts (i.e. X-Plane folks) who like to use real world data. However, METAR/TAF are not the friendliest of formats. Have you considered including a METAR/TAF…
Just upgraded via iTunes (not OTA). No issues whatsoever. iPhone 6 64Gb AT&T.
As Jeremy Clarkson would say... What can possibly go wrong?
Writing "The group simply called “CCC”" when referring to Chaos Computer Club, one of the most important hacker collectives in the world, around for 30+ years and responsible for the largest hacker conf in Europe makes…