They need to issue a recovery password for every account. This would be a serial number in case the account ever gets hijacked. It can only get you in to reset your password. It could be written down and stored in a safe or in a safety deposit box. And it cannot be changed. It would be displayed only one time by the website and never be visible again to anyone. So you click on the link, it says "record this" and you write it down and put it in a safe. And that link would never work again.
Yes yes, I know, you hate the idea.
They already offer this for their 2-factor system. They issue you 10 single use keys that you can use in place of the code generate by the phone app. It works almost exactly as you described. There is no reason that it couldn't easily be carried over to this system.
"Firewalls are supposed to prevent campaigns from viewing data gathered by their rivals."
Firewalls? Please. Anyone who knows anything about what a firewall is knows that firewalls do not do this sort of thing. Firewalls are 100% about controlling which ports are open or closed on a computer, and under what circumstances. They have nothing whatsoever to do with separating customer data, and anything you have that does that is called something else.
Listen, DNC: I know you need to give us a lie that minimizes your legal liability in these sorts of situations. Please prepare a plausible lie in the future.
The term "Firewall" has been in use LONG before computer networks existed. In its literal meaning it is a specially constructed wall to prevent fire from spreading. In its common usage it can be any system in place to stop movement from one compartmentalized unit in to another. Your car has a firewall between the engine compartment and the passenger compartment for example. Software application can also have firewalls that are sets of rules to prevent access between different users.
The cable companies need to pick a side in this fight. Either fight for the customers (end to end encryption so they don't see anything, no logging anything without a court order) or they support the copyright cartel (active monitoring for IP, log everything, cut off subscribers upon accusation). So the question is, who pays the most?
They have picked a side; their own. They will do whatever they feel is in their own financial interest.
LOL ummm why the fuck would you do that, your touch friendly tablet UI enabled device already has the tablet UI
Because you want to use your DESKTOP from the tablet. Maybe you need a file that's on a physical drive attached to the Desktop. The tablet UI better matches the input device of that tablet and will make interacting with the file easier.
Because encryption is usually a bit more complex then just that. A common system is to encrypt the data with a a strong symmetric cipher, using a single-use key key generated on the fly, then encrypt a copy of that key with the method of the user's choice, such as a password or asymmetric cipher. This way, you lessen the impact of using a slower or weaker method, as it is encrypting what is hopefully a relatively small and utterly random packet of data. Diffie-Hellman key exchange, NTFS file encryption, and others use this principle.
The 'master key' exploit should be fairly obvious, at this point: Every time the system creates a key package, it creates another copy of the single-use key, encrypted with a hidden 'master key' supplied by whoever ordered the backdoor. This doesn't compromise the integrity of the cipher used on the data, or on the other key packages. The danger lies in the security of the Master Key itself, which must be included in some form in every single instance of the encryption system. Unless the Master Key is made truly unique for every instance - a records-keeping nightmare - then an attacker only needs to break one key to break them all.
Wouldn't it then be fairly trivial for a user (or easy to use utility) to delete the 2nd copy of the key, removing the back door?
So are you telling me that user apps can modify the OS and run as root? Are Google developers complete morons or are the TV developers complete morons?
3rd option, anyone who manages to install ransomware on their TV is a complete moron. This isn't something that just happens, you have to work at it.
The battery in your phone is no longer holding a useful amount of energy to power the phone all day. You could replace the battery and bring the whole phone back to "like-new" condition, but the manufacturer has glued the case together. This is the malicious intent: The manufacturer *KNEW* that the battery would not last forever, and still welded the case shut. You would not stand for this if it were your car.
I really don't like defending cell phone companies, but I have to play devil's advocate on this one. Gluing all the components together may be the only, or most cost effective, way of giving the phone enough structural integrity to not bend when put in your pocket. These things are/always/ malicious, sometimes it is a really engineering problem that needs to be solved in a way that balances the different things the consumer wants.
I'm going to monitor my smart TV at the router and see what it connects to, then block those marketing addresses. This should be fun.
If they were smart it would connect to a single company controlled address for everything and be proxied out from there. Blocking that address would basically disable any special features. If they were smart.
"may be delivered to smartphones, tablets, PCs or other internet-connected devices that share an IP address or other identifier with your Smart TV."
According to TFA , they somehow link the cookies they store on your browser when you visit their website to your TV. So I'm guessing they store the external IP address of the TV and if the same address suddenly starts querying their website they assume its a device behind NAT and feed it ads.
Solution - don't visit their website or delete your cookies. Quite why anyone needs a smart TV anyway is another matter. My TV is just a monitor - the smart stuff happens on my other devices.
What is "not buying a smart TV" really going to change though? They are still going to push an ad to you no matter what, this just ties it to something you previously watched on TV instead of the result of a random number generator.
For many scenarios where a human will have to fave that decision the autonomous car never will because it would have chosen option C, avoid situation long before it became an issue.
Autonomous cars are subject to the same laws of physics as any other car. If something steps out in front of it at a distance too close to be able to stop in time then depending on what other traffic is on the road and what is around the vehicle its choice is going to be hit that thing that has just stepped out in front of it or hit something else. As the occupant of that car I want it to be the option that does the least harm to me. Problem is that the AI may not share the same concern for me as I do.
Unless you live in Middle Earth, trees "suddenly stepping out at a distance too close to be able to stop in time" isn't really a problem that autonomous cars are going to have to deal with.
How would they know about "entire movie collections" being stored? So very comforting!
When you upload a file to a server the file name and the actual data bits gets saved to this thing called a "database". This is required if you actually expect to get your file back down to your computer at some point. A simple query of the extension on the file name would give you fairly reliable numbers.
Really. This is a (rare) sighting of Capitalism doing good. There is an inefficiency (high price), and somebody comes in to fill in the void to make money.
(I hope there are no ulterior motives, though).
Sure, it worked EVENTUALLY. Fuck those people who didn't get their medication for several months when they couldn't afford it.
So, the best price/performance comes out to a GTX 750, so why even bother with a newer card?
Because you are willing to pay a higher price for more performance? the 750 may have the best price to performance ratio, but some people need / want more raw performance and are willing to pay more.
A tender is an offer to provide a requested service for a government. Governments put out a request for a service (say, "we need somebody to help us ensure our computer systems are secure") and companies and individuals can tender an offer saying, "these are my qualifications, this is my price range". Government will then select one of those tenders to get the job.
Presumably, people who speak out against governmental practices are having their offers tossed.
At least, that's how I read it.
In previous jobs where I've worked that dealt with government contracts those were called RFPs (Request for Proposal), I've never heard them called "Tenders" before.
we would only have couple hundred years to prepare for an eruption that could blanket the entire continent with up to 3,600 cubic miles of ash and rock!
Where did the 3,600 cubic miles of ash and rock figure come from?
The largest 3 previous explosions of the Yellowstone caldera happened 2m, 630k, and 1.3m years ago releasing an estimated 600, 240, and 67 cubic miles of ash and rock. That's a combined 907 cubic miles, a quarter of what the summary suggests could happen. I can't find that number in the article anywhere. 3600 cubic kilometers converts to approximately 863.7 cubic miles which would be more believable. The largest volcanic eruptions ever believed to happen top out at 8,600 cubic kilometers, ~2063 cubic miles.
It was precisely calculated by taking the realistic number and adding the "scare multiplier" to it in order to increase page views.
Slashdot Mirror
What is a "Surface Phone", and how is it different from a "Window 10 Phone", other than the name?
"That's a nice data cap you've got there, it would be a real shame if anything happened to it."
They need to issue a recovery password for every account. This would be a serial number in case the account ever gets hijacked. It can only get you in to reset your password. It could be written down and stored in a safe or in a safety deposit box. And it cannot be changed. It would be displayed only one time by the website and never be visible again to anyone. So you click on the link, it says "record this" and you write it down and put it in a safe. And that link would never work again.
Yes yes, I know, you hate the idea.
They already offer this for their 2-factor system. They issue you 10 single use keys that you can use in place of the code generate by the phone app. It works almost exactly as you described. There is no reason that it couldn't easily be carried over to this system.
Hillary is > 30 points ahead
In one state...
"Firewalls are supposed to prevent campaigns from viewing data gathered by their rivals."
Firewalls? Please. Anyone who knows anything about what a firewall is knows that firewalls do not do this sort of thing. Firewalls are 100% about controlling which ports are open or closed on a computer, and under what circumstances. They have nothing whatsoever to do with separating customer data, and anything you have that does that is called something else.
Listen, DNC: I know you need to give us a lie that minimizes your legal liability in these sorts of situations. Please prepare a plausible lie in the future.
The term "Firewall" has been in use LONG before computer networks existed. In its literal meaning it is a specially constructed wall to prevent fire from spreading. In its common usage it can be any system in place to stop movement from one compartmentalized unit in to another. Your car has a firewall between the engine compartment and the passenger compartment for example. Software application can also have firewalls that are sets of rules to prevent access between different users.
The cable companies need to pick a side in this fight. Either fight for the customers (end to end encryption so they don't see anything, no logging anything without a court order) or they support the copyright cartel (active monitoring for IP, log everything, cut off subscribers upon accusation). So the question is, who pays the most?
They have picked a side; their own. They will do whatever they feel is in their own financial interest.
LOL
ummm why the fuck would you do that, your touch friendly tablet UI enabled device already has the tablet UI
Because you want to use your DESKTOP from the tablet. Maybe you need a file that's on a physical drive attached to the Desktop. The tablet UI better matches the input device of that tablet and will make interacting with the file easier.
Because encryption is usually a bit more complex then just that. A common system is to encrypt the data with a a strong symmetric cipher, using a single-use key key generated on the fly, then encrypt a copy of that key with the method of the user's choice, such as a password or asymmetric cipher. This way, you lessen the impact of using a slower or weaker method, as it is encrypting what is hopefully a relatively small and utterly random packet of data. Diffie-Hellman key exchange, NTFS file encryption, and others use this principle.
The 'master key' exploit should be fairly obvious, at this point: Every time the system creates a key package, it creates another copy of the single-use key, encrypted with a hidden 'master key' supplied by whoever ordered the backdoor. This doesn't compromise the integrity of the cipher used on the data, or on the other key packages. The danger lies in the security of the Master Key itself, which must be included in some form in every single instance of the encryption system. Unless the Master Key is made truly unique for every instance - a records-keeping nightmare - then an attacker only needs to break one key to break them all.
Wouldn't it then be fairly trivial for a user (or easy to use utility) to delete the 2nd copy of the key, removing the back door?
I still don't get why they are called "hoverboards" when they are in constant contact with the ground?!
To a 3rd party, the person riding one seems to be moving without actually walking, as if hovering.
How long would it take for someone to spot something similar in a closed project? Forever?
Considering that this is a communication protocol spec, there is no way something similar could be "closed" in a way that would obscure it.
So are you telling me that user apps can modify the OS and run as root? Are Google developers complete morons or are the TV developers complete morons?
3rd option, anyone who manages to install ransomware on their TV is a complete moron. This isn't something that just happens, you have to work at it.
The battery in your phone is no longer holding a useful amount of energy to power the phone all day. You could replace the battery and bring the whole phone back to "like-new" condition, but the manufacturer has glued the case together. This is the malicious intent: The manufacturer *KNEW* that the battery would not last forever, and still welded the case shut. You would not stand for this if it were your car.
I really don't like defending cell phone companies, but I have to play devil's advocate on this one. Gluing all the components together may be the only, or most cost effective, way of giving the phone enough structural integrity to not bend when put in your pocket. These things are /always/ malicious, sometimes it is a really engineering problem that needs to be solved in a way that balances the different things the consumer wants.
Rubbish...Apple's whole business model hinges on this idea.
Is it popular because it's beautiful, or beautiful because it's popular?
don't send your children to public education. It's simple. They get dollars for your children being there, remove those dollars.
As opposed to trying to fix the problem and making the world better for everyone?
Java was touted as to be secure write-once, run-everywhere. Impervious to trivial things like heap overflows and buffer overruns.
This is an exploit in JavaSCRIPT, not Java.
I'm going to monitor my smart TV at the router and see what it connects to, then block those marketing addresses. This should be fun.
If they were smart it would connect to a single company controlled address for everything and be proxied out from there. Blocking that address would basically disable any special features. If they were smart.
"may be delivered to smartphones, tablets, PCs or other internet-connected devices that share an IP address or other identifier with your Smart TV."
According to TFA , they somehow link the cookies they store on your browser when you visit their website to your TV. So I'm guessing they store the external IP address of the TV and if the same address suddenly starts querying their website they assume its a device behind NAT and feed it ads.
Solution - don't visit their website or delete your cookies. Quite why anyone needs a smart TV anyway is another matter. My TV is just a monitor - the smart stuff happens on my other devices.
What is "not buying a smart TV" really going to change though? They are still going to push an ad to you no matter what, this just ties it to something you previously watched on TV instead of the result of a random number generator.
I don't see the issue.
For many scenarios where a human will have to fave that decision the autonomous car never will because it would have chosen option C, avoid situation long before it became an issue.
Autonomous cars are subject to the same laws of physics as any other car. If something steps out in front of it at a distance too close to be able to stop in time then depending on what other traffic is on the road and what is around the vehicle its choice is going to be hit that thing that has just stepped out in front of it or hit something else. As the occupant of that car I want it to be the option that does the least harm to me. Problem is that the AI may not share the same concern for me as I do.
Unless you live in Middle Earth, trees "suddenly stepping out at a distance too close to be able to stop in time" isn't really a problem that autonomous cars are going to have to deal with.
How would they know about "entire movie collections" being stored?
So very comforting!
When you upload a file to a server the file name and the actual data bits gets saved to this thing called a "database". This is required if you actually expect to get your file back down to your computer at some point. A simple query of the extension on the file name would give you fairly reliable numbers.
The trash, where the 3D desktop concept belongs.
Really. This is a (rare) sighting of Capitalism doing good. There is an inefficiency (high price), and somebody comes in to fill in the void to make money.
(I hope there are no ulterior motives, though).
Sure, it worked EVENTUALLY. Fuck those people who didn't get their medication for several months when they couldn't afford it.
So, the best price/performance comes out to a GTX 750, so why even bother with a newer card?
Because you are willing to pay a higher price for more performance? the 750 may have the best price to performance ratio, but some people need / want more raw performance and are willing to pay more.
The problem with the language they used is that any protocol they can't explicitly classify can be assumed to be encrypted.
Then we just tunneling TCP/IP over DNS. I mean that jokingly, but it's a real thing. http://analogbit.com/software/...
A tender is an offer to provide a requested service for a government. Governments put out a request for a service (say, "we need somebody to help us ensure our computer systems are secure") and companies and individuals can tender an offer saying, "these are my qualifications, this is my price range". Government will then select one of those tenders to get the job.
Presumably, people who speak out against governmental practices are having their offers tossed.
At least, that's how I read it.
In previous jobs where I've worked that dealt with government contracts those were called RFPs (Request for Proposal), I've never heard them called "Tenders" before.
Where did the 3,600 cubic miles of ash and rock figure come from?
The largest 3 previous explosions of the Yellowstone caldera happened 2m, 630k, and 1.3m years ago releasing an estimated 600, 240, and 67 cubic miles of ash and rock. That's a combined 907 cubic miles, a quarter of what the summary suggests could happen. I can't find that number in the article anywhere. 3600 cubic kilometers converts to approximately 863.7 cubic miles which would be more believable. The largest volcanic eruptions ever believed to happen top out at 8,600 cubic kilometers, ~2063 cubic miles.
It was precisely calculated by taking the realistic number and adding the "scare multiplier" to it in order to increase page views.