Domain: arstechnica.com
Stories and comments across the archive that link to arstechnica.com.
Comments · 9,494
-
Re:Another theory: NSA set this up
Ha! It is looking more like my first theory was right. And now we know how the NSA knew that Kaspersky had the files in question. https://arstechnica.com/information-technology/2017/10/russian-hackers-reportedly-used-kaspersky-av-to-search-for-nsa-secrets/
-
Re:Didn't consider miniaturization? Moore's Law?
In fact, with Metropolitan areas, the cost per unit from the buyer's perspective can be even lower since many of these data processing systems and additional sensor infrastructure could be installed into the same metropolitan central data centers and street lights, respectively.
The streetlight on my corner has been burned out for over two months. Don't look to municipalities to deploy high-$$$ sensor networks any time in the next decade. And given the infighting I've read about with regards to cable companies sharing access to public infrastructure I wouldn't expect the car companies to roll anything out too quickly either.
-
Re:Another take on the fall of Commodore
Ars Technica published a story on the fall of Commodore as part of their History of Amiga series.
Reading this was a nice trip down memory lane, my first computer was a Commodore 64 and the second one a Commodore Amiga 500.
I might have known that a money-grabbing muslim was involved:
Gould was out of his element, so in 1986 he turned to what many incompetent and desperate managers utilize: a management consulting company. The company he hired, Dillon-Read, sent over a managing director named Mehdi Ali. Ali spent many years and many millions of dollars to come up with the recommendation that Gould should hire Mehdi Ali to be the new CEO of Commodore International, which Gould finally did in 1989. This was the exact moment when Commodore sealed its doom.
-
Another take on the fall of Commodore
Ars Technica published a story on the fall of Commodore as part of their History of Amiga series.
Reading this was a nice trip down memory lane, my first computer was a Commodore 64 and the second one a Commodore Amiga 500.
-
Billions from Android
...don't forget about the money MS makes from Android
-
Re:Hacker?
Sometimes it's obvious you shouldn't be doing that, and sometimes it's not.
People get in trouble for both scenarios.
e.g. URL munging the application website at Harvard to see application status results in offers being retracted
-
Re: I love the Woz
Is a problem "solved" in your book when it is still ongoing? https://www.engadget.com/2017/...
Realistically the problem isn't that it would happen, but that our ISPs WANT it to happen, which means it is going to wind up mysteriously occurring. The will of the ISPs is the actual problem here, not the symptoms of throttling. So yes, this does make the internet worse. "But that's just mobile traffic!" nope it ain't:
https://arstechnica.com/inform...
-
Firefox OS failed because it was terrible!
Mozilla tried Firefox OS, but that didn't work out either.
Of course it didn't work out. The evidence suggests that that's because Firefox OS was just bad software.
This review of Firefox OS gives some insight into how bad Firefox OS was.
Before you blame the hardware, read some of the things that the review says about the Firefox OS software:
When the time gets reset, you can't connect to the Firefox OS marketplace and download an app, you can't pull your e-mail over POP or IMAP, and every secure webpage will throw up an error.
The time won't sync over Wi-Fi, either.
In theory, Firefox OS can multitask, but thanks to a combination of failings in Firefox OS and in the hardware, you'll never have an app run in the background on the Cloud FX.
The other problem is that when Firefox OS does run out of memory, it closes apps without doing anything to preserve their state or to keep critical background tasks running.
If the lock screen pops up while reading a webpage, you'll need to reload the page again.
If you start the stopwatch and leave the app, the stopwatch stops.
You can set the e-mail app to check for mail every five minutes, but there is never any free memory, so the mail check never runs.
There isn't even anything to keep the crucial alarm process alive. If the phone is busy when an alarm is supposed to go off, it just doesn't go off. An alarm you can't trust to work 100 percent of the time is useless.
Firefox OS really makes no distinction between the two, leaving it up to the user to figure out what will work offline and what won't.
Solitaire, for instance, is "pre-loaded" in that there is an icon that ships with the OS, but it's just a Web app that needs an Internet connection.
You won't find much in the way of apps for Firefox OS. There's basically nothing "custom made" other than a small handful of utilities. Most "apps" in the Marketplace are just bookmarks that users could make themselves.
The keyboard doesn't support multitouch, so if you press "Q" and "P" at the same time it splits the difference between the touch points and enters "Y."
You would think Firefox OS would have a killer browser that could easily run browser-based benchmarks, but they all crash.
When Firefox runs out of memory, it should do something other than crash.
That kind of nonsense is inexcusable. It's no wonder that a product with such problems didn't succeed!
-
Re:RIP
Haven't used in almost a decade. Would've been nice if they'd spun it off instead of killing something still used by millions though. (quoted as single-digit millions by someone from AOL back in February)
No one would bother taking it. With people using third party AIM clients to block ads, there's no money to be made to offset the expense of running the servers.
Funny what happens when you don't put some thought into "Hey, maybe my ads are annoying, obnoxious, and rude?"
-
Re:Huh?
Utility scale solar power hit $0.06/kWh unsubsidized in the mid-level insolation location of Kansas City this past May — three years ahead of schedule.
-
Re:RIP
Haven't used in almost a decade. Would've been nice if they'd spun it off instead of killing something still used by millions though. (quoted as single-digit millions by someone from AOL back in February)
No one would bother taking it. With people using third party AIM clients to block ads, there's no money to be made to offset the expense of running the servers.
-
RIP
Haven't used in almost a decade. Would've been nice if they'd spun it off instead of killing something still used by millions though. (quoted as single-digit millions by someone from AOL back in February)
-
Not enthusiastic about Thinkpads anymore
I used to be a dedicated ThinkPad user. They were perfect for running open source operating systems such as Linux or BSD. Thinkpads are well-supported with open source drivers, detailed specifications are available at http://psref.lenovo.com/, and spare parts are available at https://support.lenovo.com/us/en/partslookup. Many models are also built to military standards of reliability (MIL-STD-810G).
But within the last several years the hardware has become less appealing. Only Lenovo-approved wireless cards are allowed. The keyboards aren't as excellent as they used to be (although they're still pretty good). The clickpads are horrible for work that requires precision. (See http://www.notebookreview.com/notebookreview/lenovo-thinkpad-w540-mobile-workstation-review/.) And fewer options are available for customizing the hardware. (Do you want a laptop without a built-in privacy-invading webcam? Well, you probably won't be able to purchase a Thinkpad without one. Do you want a DVD drive on a 14-inch laptop? Well, you can't get that either.) Lenovo also revealed itself to be untrustworthy in the Superfish scandal:
For my next laptop, I'm seriously considering HP, instead. I can purchase a 14-inch HP with physical buttons below the trackpad, without a webcam, and with a DVD drive. I can't get any of those features on the current generation of Thinkpads.
-
Re:Doesn't matter
Source: https://arstechnica.com/gadget...
"As is often the case with mobile browsers, the new browsers are Edge in name only. They provide a user interface that looks quite Edge-like, and they sync with your Microsoft Account, but they don't use the Edge rendering engine from the PC. On iOS, the browser wraps the WebKit browser engine from Safari. This is essentially unavoidable on that platform, as Apple's rules preclude the development of third-party browser engines. On Android, where the rules do permit the development of third-party engines, Edge is built on top of Chromium, the open source counterpart to Google's Chrome."
-
Re:What happens in 15-20 years?
Same thing that happens for all generation sources: money needs to be invested to keep things up. Levelized Cost Of Energy (LCOE) calculations take all factors into consideration so that the costs of the various generation sources can be compared on an apples-to-apples basis.
Coal, nuclear, and even natural gas and oil units have higher maintenance costs than solar as well as variable fuel costs. Those factors mean that all solar needs to do is reduce its installation costs sufficiently and it is the cheapest source. This has happened, solar is the cheapest worldwide generation source by LCOE (not in the US yet, as they have relatively low energy costs, especially relative to their per capita GDP).
-
Re: Hillary spent $1.2 billion...
Yeah, he won the clown car race with 16 (or was it 17) candidates by a healthy margin by differentiating himself. But polling throughout the race had him at unprecedented unfavorability ratings, with only Clinton able to even remotely compete. He polled worse than lice and Nickelback.
Also, among the groups of independents, Democrats, and Republicans, Republicans are the smallest group, and only a small subset of them voted in the primaries.
Which is why there are many questions yet unanswered. Without any mention of any other nations, American voting machines are notoriously easy to hack https://fossbytes.com/defcon-2... http://thehill.com/policy/cybe... 2012 - https://www.csmonitor.com/USA/... 2011 - https://www.salon.com/2011/09/...
2005 - https://arstechnica.com/uncate...
This is not fake news, this is not remotely deniable. I knew that the voting machines were Internet of things easy to hack almost 15 years ago. http://euro.ecom.cmu.edu/peopl...
There have been some strange happenings like in the 2012 election where Karl Rove had a public meltdown when he refused to concede the Ohio vote, expecting some districts to come through and push the Republican candidate over the edge and win Ohio. It was interesting in the aspect that Ohio had a strange event in a previous election where the exit polls gave the state to a Democrat, but the vote tally did not. The Republican response was the typical Good Republican Voters screwing with the Media. But that's just a side story, and I digress.
The big question is - with the machines having terrible security, why the hell would a tech-savvy nation not hack and alter the results to mess with an adversary nation or to put in a person they had sway with?
-
Re: States rights?
You need a lesson. The FCC is already on historical record as regulating the telcos as natural monopolies. Because of this, they have become government blessed or government mandated; it really makes no difference as the result is the same.
https://arstechnica.com/tech-p...
Take for example here, when we let companies own utility poles on public property we are granting a small monopoly on that one pole, they own it, they can say who uses it. Then, we follow up by the government preventing any other business from putting down their own pole, now imagine this scenario EVERYWHERE and then you have a de facto government blessed and enforced natural monopoly.
Considering your ignorance and inability to understand the situation, you are ill suited to converse with on this subject. You have made it clear that government should be making your decisions for you, and that representative as selected by the government you have vested power in says Ajit Pai is who they are going with.
Shut up, sit down, this is quite literally what you asked for. Many of us told those like you when they asked for this, that Ajit is what you are going to get, and you did not listen or believe us. You had your chance and you screwed it up!
-
Re:Not quite the same, not a response to NSA spyin
There are serious concerns with NSA writing SELinux while Microsoft has been fighting them and requiring court orders
-
Re:Water pump theory
yeah, "water" pump
Everyone knows the workers who built the things were paid with beer.
https://arstechnica.com/scienc...
It's also been a belief that they were used to store grain. Of course you'd have to be a puritan to not understand what that grain was used for during that time. The pyramids were kegs, bro. The Pharaohs who built these things were rock stars of their time. Those parties were legendary across the galaxy.
-
Re:When will be free of the Overlords?
AC if people have control then the security services have to work harder.
"New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs" (3/24/2017)
https://arstechnica.com/inform...
DarkSeaSkies, DarkMatter (EFI injection), SeaPea (kernel access), NightSkies (key logging).
Think of all the computers that got the security services package that might still exist.
Going back and having users globally create reports and publish their strange and unexpected results.
Best just to have later hardware looked at that is all clean and no unexpected reports will surface.
-
Re:I hope not
Linux being popular also increases the likelihood that if (or rather, WHEN) Microsoft attempts to lock down the bootloader in the name of "security," there will be enough of a reaction and enough alternative hardware capable of Linux that isn't priced into the stratosphere that it won't turn out extinct.
"I don't care, Linux is fine for MY desktop" people don't look beyond the next 18 months, if that. Computers break sooner or later, and computers become obsolete sooner rather than later. And Microsoft is already moving in that direction; unlike the Windows 8 days, the latest version of UEFI that came out with Windows 10 leaves it optional for manufacturers to decide if they give users control over it or not, and mobile versions are explicitly forbidden from allowing it to be turned off on end user devices.
For the curious. You might also consider that eventually manufacturers will catch on to the fact that removing the option to disable it gives them more control (which they love) and decreases their support costs (which they also love) since it prevents people from doing what they want with their machines without paying extra (which they love even more).
Microsoft will probably let Red Hat and Ubuntu kernels that they sign continue to boot as long as it serves their purposes, but I doubt most Linux enthusiasts will be satisfied with having controlled opposition available that toadies to Microsoft's every whim. I would strongly suggest that you and other short-sighted Linux users re-evaluate your position unless you want to have the choice of paying twice as much for Linux-capable hardware (or more) or trolling eBay for a dwindling supply of used replacement parts and machines.
-
Sen Cantwell is leading effort to remove Ajit
-
Re:Nothing to see here
Oh, but wait! He apologized! Free pass because:
https://www.wsj.com/articles/o...
https://arstechnica.com/tech-p... (doesn't have full text or anything, but wsj's paywalls are mildly annoying)
-
Re:Bullshit, Bullshit, Bullshit
It's all bullshit. Whatshisfuck stood on stage and claimed that it was orders of magnitude more secure and reliable than TouchID. What happened?
What happened is 1 or more people looked at the phone in its locked state backstage and it rolled over to passcode only, it was actually a good demo of how secure it is.
Nope. If a "perfect" mask is made, the defensive system won't notice. And neither will a human. And if a "good" mask is made, the defensive system won't notice, but a human will.
While getting a perfect 3-D scan of the person's face and making a 3-D printed model may work - on the other hand, pun intended, lifting a fingerprint from anywhere and using it to unlock an iPhone touch sensor is trivially easy; children have defeated it by touching it against their sleeping parent's hand. Cops can force you to touch unlock your phone too. But the facial recognition won't work with your eyes closed or your face scrunched up or if someone else looks at your phone. So in reality it is a far more secure system, even if it goes over to passcode more often than the finger sensor.
-
Re: Muslim technology
Moron. #CrookedHillary lost on her own evil deeds.
And now Krooked Kushner is following suit. No doubt Trump would post a tweet denying such hypocrisy... assuming he could spell the word.
It's been apparent for a while now that hypocrisy is not a concept that Republicans understand. There is no intellectual consistency, only political expedience.
-
Re: Muslim technology
Moron. #CrookedHillary lost on her own evil deeds.
And now Krooked Kushner is following suit. No doubt Trump would post a tweet denying such hypocrisy... assuming he could spell the word.
-
Re: it's what's for dinner
No one is replacing old nuclear power plants with coal.
Germany has done just that.
https://carboncounter.wordpres...
France too.
http://instituteforenergyresea...
Sadly, so is the USA.
https://instituteforenergyrese...
https://www.vox.com/energy-and...
Or maybe the USA is replacing nuclear with natural gas.
https://www.forbes.com/sites/j...
Japan is almost famous for replacing nuclear with coal
https://www.equaltimes.org/jap...
In the UK natural gas is replacing coal and nuclear.
https://arstechnica.com/scienc...
I just realized I covered 5 of the "Group of Seven" so let's finish this out and see what Canada and Italy are doing.
Turns out Italy shut down their nuclear a long time ago and relies largely on natural gas.
https://en.wikipedia.org/wiki/...
Looks like Canada is neither closing or building new nuclear, demand growth has been met with natural gas and hydro.
https://www.vice.com/en_ca/art...
Also in the above article is mention of Russia, China, and South Korea. More about that here:
http://www.world-nuclear.org/i...
So, let's review. France, Germany, Japan, and USA have all built significant numbers of coal plants in the past few years to meet growing demand and to make up for retired nuclear. Canada, UK, USA, and Italy rely heavily on natural gas and are building more capacity, while this might not be replacing nuclear it is another fossil fuel being used instead of wind and solar. China, Russia, and South Korea are actually making significant investments in nuclear to replace fossil fuels, which is still consistent with my claim that one must choose nuclear, fossil fuels, or lights going out.
Why do you write such nonsense? Fukushima Daiichi had ordinary emergency power generators, like every plant. They did not rely on external power. However, perhaps that escaped you, the emergency power generators got flooded. And for some dumb reason no one came to the idea to helicopter a few military units in.
That's just so much nonsense in one paragraph it's hard to even come up with a reply. Do you really think that no one thought to helicopter in some generators?
In your country? All other countries that introduced wind and solar show that they are very reliable and cost effective.
Oh, you mean like how last year the German government paid wind energy producers to sit idle to prevent damage to the electrical grid?
http://dailycaller.com/2016/04...
That doesn't sound very reliable or cost effective. Seriously, do some research before you post. You are looking like a fool.
-
Re:And then there's this
Upgrade the firmware from 4,1 to 5,1 -- it's unsupported by Apple, but it convinces the 2009 mac pro that it's a 2010 mac pro, and can accept High Sierra.
http://appleinsider.com/articl...
https://arstechnica.com/gadget...
how-to video
https://www.youtube.com/watch?...
Hope this helps.
-
Re:And then there's this
Well, technically, the "next version" is MacOS High Sierra, being released on Monday, and Apple did not have to limit the hardware that can run it. https://arstechnica.com/gadget...
2009 Mac Pro supported OS X 10.6 Snow Leopard http://www.everymac.com/system...
-
Re:Whiner
"Placing a TouchID sensor on the back of the phone is a singularly horrible idea from a usability standpoint, and thus would have been instantly, and rightly, rejected by Apple's Product Design team for the iPhone."
You sir, are full of shit. On a modern device that potentially contains a lot of sensitive info, yet is easily stolen, giving the users options to choose from is the way to go. On my S8+ I have the following options. I can have them all available, or ignore them all
1. Facial recognition. Depending on lighting, this does not always work. Once the new iPhone is in the wild, I would not be surprised if this primary feature also fails under certain lighting conditions, or if the user is say, wearing a hat.
2. Fingerprint scanner on the back. The scanner is well placed as can be. If someone has that much trouble, they still have face recognition and these other two.
Iris scanner. The lighting or wearing a hat problem need not apply here.
3. Disable the whole lot and just use the pin code that all other things default to if there is a problem.
I have a number of reasons for not wanting an iPhone, but having a variety of security options to use or not use was a big selling point for me. That and the audio jack which I use for several purposes, none of which involve headphones.
Every year when the new iPhone comes out, I stay out of this conversation, but the new iPhone is a step back in many respects. Oh, and at least I am not spending $1,000 on a phone with rapid charging capabilities only to have to pay extra for Apple's rapid charging power brick. That right there is robbery in the face of Apple admitting the device is already overpriced but they don't because people will buy it anyway. And after all that, they just settled a court case in which they established that an iPhone is expected to fail after the first year, when many people will not even have it paid off yet.
1. Unlike Samsung, who put so little effort into facial recognition you can spoof their system with a photograph, Apple has made their facial recognition nearly foolproof. They have already tested it against photos, lifelike face masks, scarves, hats, helmets, glasses, sunglasses, night, day, even beard-growing, and it has apparently proven robust.
https://arstechnica.com/gadget...
So, there's one S8 "Security" system that isn't...
vs.
https://techcrunch.com/2017/09...
Admittedly, as Craig rather candidly says above, we will have to see how well this ultimately works with millions of people; but it does sound like they have tried to think of things like sunglasses, hats, scarves, beards, etc.
2. I still feel that a rear-mounted fingerprint sensor is an epic fail, usability-wise. Plus, as one poster pointed out, it complicates the design and assembly process for the phone. As I said, Apple's first choice was TouchID built into the Display/Digitizer, but that proved impossible/impractical. And if the video below is to be believed (and it does look pretty legit, as you can see a scrolling display of text on the test-jig screen a fraction of a second after the worker places his finger on the area just under the Apple Logo on the back of the phone), Apple at least produced (and obviously rejected) some prototypes with a rear-mounted Fingerprint Sensor. They did say they analyzed at least 10 different prototypes:
http://www.idownloadblog.com/2...
3. Iris scanner. Poor second choice to facial recognition. Not nearly as much data, which means not nearly as much security. And apparently, that's exactly the case. So now, you have two ineffectual pseudo-Security systems in your S8. Cool!
-
Re:specifics?
I don't have a UK specific story to tell, unfortunately, but you can read this American story where Uber lost in small claims court in no small part for their lack of cooperation with law enforcement after a client had his laptop stolen by his driver. Quoting from the article:
When Wilcox finally got the police report, it contained a big surprise. Uber had stonewalled Wilcox but emphasized—in court, in phone conversations, and in public statements—that it always cooperates with law enforcement. Yet the police report showed that Uber maintained the ride hadn't even taken place, despite the fact that the police officer had provided the vehicle's license plate number, the driver's name, and the exact time of the ride.
The investigating police officer made multiple visits to the address on record of the vehicle's owner, but no one had answered. Uber, meanwhile, said the driver hadn't worked for them for two years.
-
3D depth map of face, not just a 2D image
Never mind the detail that the iPhone X facial recognition is a LOT more complex than to my knowledge any other customer level gadget out there
prove it by providing technical facts, not iPropaganda.
Like the fact that it has special hardware for detecting the 3D topology of your face, a 3D depth map. That it is *not* simply looking at a 2D image as other current facial recognition software does, as the 8-9 year old platforms referenced did.
"Face ID
With the Home button and Touch ID gone, Apple's new way of unlocking the iPhone X is called Face ID. The feature uses the new front-facing camera setup, which includes the lens, a new IR camera, a flood illuminator, dot projector, and ambient light sensor, along with 3D-sensing facial recognition software to identify your face and unlock the handset. This system virtually projects 30,000 IR dots on your face that are then stored on the smartphone. The phone references that dot-map whenever you look at the front of the device so it can identify you as the correct owner and unlock itself. Apple is calling the new technology system that enables Face ID its "True Depth Camera system.""
https://arstechnica.com/gadget...
-
Re:This guy has no idea how Face ID works
Actually, law enforcement can force you to use your fingerprint to unlock your phone. They just can't force you to use your passcode.
-
Re:Uhm, That's kinda why it is called a BETA...
Or not forcing them to do a complete Filesystem transfer - Windows hasn't for 25 years and still works because why should it care (it'll default to a sane choice, of course)?
That's because Windows USES a 25 year old Filesystem, because THEIR "new Filesystem" is still QUITE lame:
-
Re:Why Java?
Java is excellent for some scenarios such as the development of server-side applications, webservices and so on.
You're joking, right?
-
dear ./ editors...
THIS is how you write a headline:
-
Re:eh geek bench bs
Exactly what I assume Google Fuchsia will be.
If history is any indicator, Not once the OEMs and the Carriers get ahold of it...
-
Re:Affirmative Defense
nintendo has been taking down youtube videos of their games for years
-
Re:eh geek bench bs
Exactly what I assume Google Fuchsia will be.
-
Re: Who is Gab?
Why make up bullshit when we can just google (or bing) the real reason?
https://arstechnica.com/tech-p...
It was removed for ToS violations, specifically not having moderation in place to deal with content that advocates violence or hatred against groups of people.
tell us, please, what percentage of Android apps are installed from anywhere else.
Sadly I can't find any stats, but both Amazon's Appstore and F-Droid have been going for years and seem to be reasonably popular. And there is nothing stopping Gab simply offering the app on their own web site too, or are they complaining that they are not popular enough and need free advertising on Play to survive?
-
Re:Globalization is inevitable
-
STARTTLS stripping
Modern FTP clients and servers support STARTTLS as a command to initiate TLS
Unless the ISP intercepts the STARTTLS command sent by the client and turns it into a garbage command that produces a 502 Method Not Supported response, fooling the client into thinking the server doesn't support TLS. This has happened, Ars Technica has reported on it, and there's even a proof of concept in PyPI. What's FTP's counterpart to HSTS?
-
The cries should be for software freedom.
So despite knowing that Microsoft is an early NSA collaborator, forcing and tricking users into "upgrading" to Windows 10, distributes proprietary software (all of which is untrustworthy by default which prevents even technical users from fixing problems and distributing improved software to others), and Microsoft blatantly disregarded user choice and privacy, shipped with bad defaults for privacy, got caught lying to users about how Windows 10's euphemistically named "privacy controls" worked, you believe the headline that Microsoft "will soon give users more control over app permissions" and therefore want to talk about this in the context of the rose-colored vision of the past for Windows users? Microsoft has made so many choices against "giving users more control" over anything there's no reason to believe they'll ever make such choices, just like any other software proprietor.
Forget the past, history begins now.
-
No ASLR in Linux devices?
The Ars article about BlueBorne cites someone from Armis claiming that "the majority of Linux devices on the market today don't use address space layout randomization," explaining that ASLR would mitigate the impact of the defect. Is that true about most Linux devices and ASLR? What kind of devices are they talking about? (It notes that Android is not in that category. I would think Android made up the majority of Linux devices, but I guess not.)
-
Re:Not want
Unless the police already know what they're going to find on your phone, like this guy's case. I mean, that can't be abused at all, right?
-
Patches for some systems already released
Ars Technica notes:
https://arstechnica.com/inform...
"Microsoft patched the vulnerabilities in July during the company's regularly scheduled Patch Tuesday. Company officials, however, didn't disclose the patch or the underlying vulnerabilities at the time. A Microsoft representative said Windows Phone was never vulnerable.
Google, meanwhile, provided device manufacturers with a patch last month. It plans to make the patch available starting today for users of the Pixel XL and other Google-branded phones, but if past security bulletins are any guide, it may take weeks before over-the-air fixes are available to all users.
Izrael said he expects Linux maintainers to release a fix soon.
Apple's iOS prior to version 10 was also vulnerable."
-
Bandwidth, again.
People claiming it can not be done should not interrupt people already doing it.
(BTW: Spotify (or was it another networked music player?) is also doing it to help identify the various devices that are within reach. And as it's the app itself generating the code, it's not constrained by the audio compression limits - Vorbis in their case.
They can easily emit beep codes at 24kHz which you would definitely NOT hear, but which could be emitted and picked up by current mic and speaker technology available to the platforms on which the various instances of music player are running and would like to "see each other" in the physical world in addition to the network).
These ads are basic beep code, very simple signals that you can cram at the upper limit of what your medium can carry.
A few short beeps at somewhere between 6kHz and 10kHz (or whatever can get through your compression) could be audible (in absolute silence, with a good pair of earphones, provided that you haven't completely borked your upper hearing range by firing guns without adequate protection), but would be easily drowned in the rest of the noise emitted by the ads.
Today's article is about speech, which must convey a lot more information and requires much time and frequency bandwidth.
DolphinAttack works by shifting the speech a lot of octaves up, until it's above 20kHz (see paper, linked in the article, linked in this summary).
That CANNOT work in any way with current TV and Radio technology.
There simply doesn't exist any TV or Radio technology today (both analog and digital) that can carry frequencies above 20kHz.
(For the simple and obvious reason that TV and Radio were invented by humans and for humans, not for dogs, bats or dolphins.
Nobody was paying attention to keep those inaudible frequencies in. And if by dropping them you save space and/or radio frequency bandwidth, so be it)
So today's article's technology CANNOT IN ANY WAY be carried over TV and radio due to very hard limits (**).
In theory, there should be ways to embed speech in TV and Radio.
You're going to use these sentences of human-like speech but shifted several octaves up until they can be squeezed somewhere between ~4kHz and 10kHz, and thus stay within what could realistically be carried by your media.
That is definitely audible. Not necessarily *intelligible* but if you're sitting in front of the device and listening carefully, you'll notice some weird noise going on for a few seconds.
And of course, then suddenly hearing your phone in your pocket confirming "Okay, confirming 100'000$ purchase for 'ScamBot' article on alibaba" or "Okay, opening garage's door" - that's going to be a dead giveaway.
---
Visual analogy:
- some article : it should be possible to embed hidden infra-red images (projected by a light-bulb illuminated slide ? a special device ?) that can be interpreted as QR-Codes by selfie apps and trigger unexpected behaviour.
(NOTE: Near Infra-red ARE visible to smartphone cameras).
- /. crowd reaction : great! now someone would hack my smartphone just by hiding an invisible QR-Code in my TV picture whenever I try to make a reaction selfie in front of the TV.
(=I know that most smartphones don't actually scan QR-Codes from the main photo app, unlike Siri and co with voice, but for the sake of the argument we'll ignore that point).
- bandwidth limitation : No dum-dum ! TVs aren't designed for snakes or insects, they can only emit R, G and B lights. There's no way to push IR over TV.
- counter point : Yeah, but in the real world, there are 3D PC monitors/projectors using visual cues for the left-right lens of 3D glasses !
(= in real world, done by shifting colors on a line).
(Also, small blinking patterns have been used by some forms of banking 2FA, and by some early TV games-shows to beam data t
-
One guy, in one month, found THREE vulnerabilities
> cannot argue the details with you about browser extension security or isolation from possible attack vectors
> ... there have never to my knowledge been any compromises.
Tavis looked at LastPass in March and reported THREE different ways for web sites (malicious JavaScript and frames) to get at all of your LastPass passwords. That's what ONE guy found in just ONE month. The technical details may not be for you, but here's an article in the popular tech press about them:
http://arstechnica.com/informa...
I would bet my team will find at least one more if LastPass shows up on our 18-hour test we do four times per year. Basically, we get 18 hours to find as many vulnerabilities as we can in an array of software.