What's important about this story is that the North Koreans messed up, assuming they intended to keep this development a secret. Somehow, I doubt they made a mistake, but this release was calculated, knowing that the west would figure out what's going on. They are simply too controlling.
They obviously did not intend to keep the existence of these rockets, nor the use of Chinese trucks as launch base, a secret. Those were on full display on the military parade.
They may not be so happy though to have the exact location out in the open. Here is where they messed up. While it's no surprise to be in their main military production area (a city that's not in official maps - but likely well marked on US military maps), the exact location of the actual buildings is another matter. Too eager to show their great leader overseeing production of the latest and greatest military development, not looking carefully enough at the background (major info came from views through windows in the background), and poof, your cover is blown.
It's a digital lock - which can be activated remotely, so certainly can be activated (and deactivated) locally. It may be hard to unlock, but it will be possible.
Like DRM, it'll inconvenience the casual offender, who has limited technical ability. And sooner or later people will get accidentally locked out of their genuinely owned devices. Indeed maybe due to a ransomware type malware, maybe due to a simple error at the manufacturer's server, whatever. It can happen, so it will happen.
The proper way would imho to accept all certificates (no need for those extortion fees, and it allows people to use self-signed certificates), and warn when a certificate changes and the new one is not signed with the original certificate. That's a sign that a MITM has been deployed since you first contacted the site. Even if they successfully get a "trusted" certificate in the name of the site they pretend to be.
When a MITM is active already on a site on your first visit, you're out of luck. Not much one can do against that.
iOS has the iPad, which I know many people consider synonym to "tablet computer". Tablets are good for surfing. No idea on real market share of iPad vs Android tablets, this could be part of the explanation.
Many Android phones may have smaller screens (cheaper phones) than iPhones, making them less suitable for browsing. Again just stating a hypothesis, no actual evidence either way.
I hope MS can do something about that. And Firefox too. Maybe Safari and Opera can up their game and become relevant players.
At the current trends it will take just a few years and we're back to the 2002 situation. The only difference is that it's not IE with >85% market share, it'll be Chrome that can dictate the market with proprietary extensions. Or even if not proprietary, they'd be the first to implement new feature that're used on the web, leaving the rest of the browsers to play catch-up all the time.
Two browsers with some 40% each would be good (Chrome is well over 50%, getting too high). Three browsers, each some 30% would be even better.
Nearly $300 for a game console, playing mobile games? Sounds really expensive.
That's the price of a fairly high-end Android handset - maybe not today's model, but certainly half year ago models that are "outdated" for the fashionable crowd. Those happily connect to a TV playing HD video, and can play all but maybe the absolute latest, highest-end games available on the Android market.
A console certainly should be a lot cheaper. No need for GSM radio or GPS receiver. No need for (expensive!) display on the device itself. No need for a battery. No need to squeeze it all in a tiny package. A sub-$150 price sounds more like it.
Heavy requirements, making it definitely "can't" as in "not as private person".
Though technically you still can do it - just have to set up a big enough company to fulfil the requirements. Of course it's anything but easy or practical to do for just a few personal domain names.
And how is it not possible for a mobile phone to burn, or get lost, or otherwise cause you to lose access? It's quite interesting you even thought I was talking about a fixed line. That option never crossed my mind when writing that comment.
"Hey godaddy, my house burned down with that phone in it, so I can't get to those messages nor or ever, please change it to my new number 1234-4321 so I can receive your messages again."
And that is exactly what makes social engineering work: the person being "engineered" (i.e. you) doesn't believe it's a fraud, instead considers it a valid story.
That argument would only work if there would be no ways to spend money outside of the US. Yet, contrary to what you (and many others from the US) seem to be thinking, there's actually a whole world out there, with plenty of opportunities to develop new business.
You can't run an ATM from just a Pi, you'll still need software for it. And that's for sure where the big cost is: everything must be really well designed and tested.
The US prosecution already decided that The Silk Road is an illegal venture, and on those grounds they have seized the property linked to it. This is exactly the same grounds on which they can seize say a boat load full cocaine, plus the stack of cash that's on the same vessel.
A totally different issue is to find and prosecute the individuals responsible for running the venture (e.g. those operating the boat or responsible for the cocaine on board). These people may in turn also have property linked to the illegal venture, which then may be seized as well (I don't know what US law says about that).
Now if the person is found not guilty, he can prove the seized bitcoin (and possibly other property) are his, and that the operation was in fact not illegal or that the seized property was not linked to that operation, then he may be able to get back his property.
Not really, as it lacks a GUI, which is pretty mandatory for modern ATMs. You'd still have to develop a GUI on top of the MS-DOS system.
OS/2 had a GUI, which made it suitable for ATM use. Win XP as well. When OS/2 had to be replaced (which according to other comments had to be done because of lack of a sound system, which sounds odd to me as OS/2 would play sound just fine), Win XP was a reasonable choice. Linux, BSD and other open source systems might now be an alternative, back then they certainly were not.
However there are no technical advantages for an ATM of using Win7 over Win XP. Win XP is good enough, well understood, and the only reason to change is because Microsoft wants to stop support for commercial reasons.
Well, in a way you may be right. WinXP is so old and so well understood now, that pretty much all possible attack vectors are known and can be defended against. Knowing your enemy is important.
Can't say that much of other OSes, like Linux or Win7. They are not as well known by ATM builders. And that's just the OS, not the software running on it and doing the actual work (interfacing with the user, with the bank, dispensing the money, etc), which would have to be rewritten from scratch (all of it, including the UI the drivers) if moving to Linux or BSD, and would need at least thorough testing if deployed on a newer version of Windows, with the drivers possibly needing a rewrite.
Many Asians, especially Chinese, consider westerners (white people, in general) to be superior. That's why.
And no I don't try to be denigrating Asians, just stating how they think. I'm a white guy in Hong Kong and have experienced exactly that: "You should come with me to visit that mainland company. Doesn't matter you can't talk to them, it's just for having a white face around," is what a Chinese colleague once said to me.
Interestingly, China and India - the biggest countries in the world in population, and among the biggest in land area, are not even mentioned. India, known for it's many IT professionals, and China, evil evil China, known for it's hackers and crackers and general evilness when it comes to computer security. Nor is Russia, home to many prolific Internet criminals.
Foursquare, Pinterest and IMDB I occasionally ended up on following a Google search result. Etsy, PBS and Yelp I don't even know what it is. Netflix is not available here (I'm not in the US). Spotify may be interesting, getting back to following the music world again. But there must be alternatives for that as well.
They are not like Apple, just hoarding tons of cash, they don't actually have a tone of money left over.
Companies like Apple and Microsoft make so much money that they simply don't know what to spend it on. They hoard out of sheer necessity. Google has a similar problem, but they're a tad more creative when it comes to spending money (hence the robotic cars and other hobby projects you see coming out of that company).
Until operations are held accountable for their actions -- which is something that we USED to do on this network, a long time ago -- most won't bother. And that is, in large part, why problems like spam and phishing and malware are epidemic.
Here you go wrong with your argument.
We DON'T want an ISP to police their network, do we? Why would an ISP have to be responsible for what users do with their network? Do you want them to police against possible copyright infringement, and block torrents, as well? Do you want them to read your messages, to make sure you don't post anything offensive on the networks?
All along we have been arguing for net neutrality. Just give us the connection, and let us decide what data we pass over that connection. And let the end user be responsible for their actions.
Now the enforcement of anti-spam and anti-phishing laws is notoriously difficult on the Internet, partly thanks to the international nature of the network, and ISPs have the right to sell to whoever they want, and to stop selling to whoever they don't want any more, which could very well be in response to complaints.
Not birds, but I do recall a Mythbusters episode where they tried it with small aircraft and found a similar effect. Must have been a quite scary experiment:-) And as others pointed out, many wind tunnel experiments showed the same effects as well.
"The man using the phone explained to the irritated man that he was simply texting his 3-year-old daughter" (...)..and what kind of parent gives their 3 year old kid a cellphone anyway?
I assume here that he was texting the babysitter.
Even if the 3yo had her own phone, she wouldn't be able to read the message, and at that age is not likely to be left home alone.
Slashdot Mirror
What's important about this story is that the North Koreans messed up, assuming they intended to keep this development a secret. Somehow, I doubt they made a mistake, but this release was calculated, knowing that the west would figure out what's going on. They are simply too controlling.
They obviously did not intend to keep the existence of these rockets, nor the use of Chinese trucks as launch base, a secret. Those were on full display on the military parade.
They may not be so happy though to have the exact location out in the open. Here is where they messed up. While it's no surprise to be in their main military production area (a city that's not in official maps - but likely well marked on US military maps), the exact location of the actual buildings is another matter. Too eager to show their great leader overseeing production of the latest and greatest military development, not looking carefully enough at the background (major info came from views through windows in the background), and poof, your cover is blown.
It sounds very much like some kind of DRM to me.
It's a digital lock - which can be activated remotely, so certainly can be activated (and deactivated) locally. It may be hard to unlock, but it will be possible.
Like DRM, it'll inconvenience the casual offender, who has limited technical ability. And sooner or later people will get accidentally locked out of their genuinely owned devices. Indeed maybe due to a ransomware type malware, maybe due to a simple error at the manufacturer's server, whatever. It can happen, so it will happen.
The proper way would imho to accept all certificates (no need for those extortion fees, and it allows people to use self-signed certificates), and warn when a certificate changes and the new one is not signed with the original certificate. That's a sign that a MITM has been deployed since you first contacted the site. Even if they successfully get a "trusted" certificate in the name of the site they pretend to be.
When a MITM is active already on a site on your first visit, you're out of luck. Not much one can do against that.
iOS has the iPad, which I know many people consider synonym to "tablet computer". Tablets are good for surfing. No idea on real market share of iPad vs Android tablets, this could be part of the explanation.
Many Android phones may have smaller screens (cheaper phones) than iPhones, making them less suitable for browsing. Again just stating a hypothesis, no actual evidence either way.
I hope MS can do something about that. And Firefox too. Maybe Safari and Opera can up their game and become relevant players.
At the current trends it will take just a few years and we're back to the 2002 situation. The only difference is that it's not IE with >85% market share, it'll be Chrome that can dictate the market with proprietary extensions. Or even if not proprietary, they'd be the first to implement new feature that're used on the web, leaving the rest of the browsers to play catch-up all the time.
Two browsers with some 40% each would be good (Chrome is well over 50%, getting too high). Three browsers, each some 30% would be even better.
Nearly $300 for a game console, playing mobile games? Sounds really expensive.
That's the price of a fairly high-end Android handset - maybe not today's model, but certainly half year ago models that are "outdated" for the fashionable crowd. Those happily connect to a TV playing HD video, and can play all but maybe the absolute latest, highest-end games available on the Android market.
A console certainly should be a lot cheaper. No need for GSM radio or GPS receiver. No need for (expensive!) display on the device itself. No need for a battery. No need to squeeze it all in a tiny package. A sub-$150 price sounds more like it.
Heavy requirements, making it definitely "can't" as in "not as private person".
Though technically you still can do it - just have to set up a big enough company to fulfil the requirements. Of course it's anything but easy or practical to do for just a few personal domain names.
And how is it not possible for a mobile phone to burn, or get lost, or otherwise cause you to lose access? It's quite interesting you even thought I was talking about a fixed line. That option never crossed my mind when writing that comment.
"Hey godaddy, my house burned down with that phone in it, so I can't get to those messages nor or ever, please change it to my new number 1234-4321 so I can receive your messages again."
And that is exactly what makes social engineering work: the person being "engineered" (i.e. you) doesn't believe it's a fraud, instead considers it a valid story.
Why not? Is there a quota on domain registrars or so?
87 dates with what should be near-perfect matches. And barely a second date? That's systemic failure imho.
And that was not a perfect match either; just a 91% match based on the algorithms.
Before that he had 87 dates with 99%-match women, and none of those worked out. Just a few he got to a second date.
Script fail?
That argument would only work if there would be no ways to spend money outside of the US. Yet, contrary to what you (and many others from the US) seem to be thinking, there's actually a whole world out there, with plenty of opportunities to develop new business.
You can't run an ATM from just a Pi, you'll still need software for it. And that's for sure where the big cost is: everything must be really well designed and tested.
Not likely.
The US prosecution already decided that The Silk Road is an illegal venture, and on those grounds they have seized the property linked to it. This is exactly the same grounds on which they can seize say a boat load full cocaine, plus the stack of cash that's on the same vessel.
A totally different issue is to find and prosecute the individuals responsible for running the venture (e.g. those operating the boat or responsible for the cocaine on board). These people may in turn also have property linked to the illegal venture, which then may be seized as well (I don't know what US law says about that).
Now if the person is found not guilty, he can prove the seized bitcoin (and possibly other property) are his, and that the operation was in fact not illegal or that the seized property was not linked to that operation, then he may be able to get back his property.
Not really, as it lacks a GUI, which is pretty mandatory for modern ATMs. You'd still have to develop a GUI on top of the MS-DOS system.
OS/2 had a GUI, which made it suitable for ATM use. Win XP as well. When OS/2 had to be replaced (which according to other comments had to be done because of lack of a sound system, which sounds odd to me as OS/2 would play sound just fine), Win XP was a reasonable choice. Linux, BSD and other open source systems might now be an alternative, back then they certainly were not.
However there are no technical advantages for an ATM of using Win7 over Win XP. Win XP is good enough, well understood, and the only reason to change is because Microsoft wants to stop support for commercial reasons.
Well, in a way you may be right. WinXP is so old and so well understood now, that pretty much all possible attack vectors are known and can be defended against. Knowing your enemy is important.
Can't say that much of other OSes, like Linux or Win7. They are not as well known by ATM builders. And that's just the OS, not the software running on it and doing the actual work (interfacing with the user, with the bank, dispensing the money, etc), which would have to be rewritten from scratch (all of it, including the UI the drivers) if moving to Linux or BSD, and would need at least thorough testing if deployed on a newer version of Windows, with the drivers possibly needing a rewrite.
Many Asians, especially Chinese, consider westerners (white people, in general) to be superior. That's why.
And no I don't try to be denigrating Asians, just stating how they think. I'm a white guy in Hong Kong and have experienced exactly that: "You should come with me to visit that mainland company. Doesn't matter you can't talk to them, it's just for having a white face around," is what a Chinese colleague once said to me.
Interestingly, China and India - the biggest countries in the world in population, and among the biggest in land area, are not even mentioned. India, known for it's many IT professionals, and China, evil evil China, known for it's hackers and crackers and general evilness when it comes to computer security. Nor is Russia, home to many prolific Internet criminals.
I for one don't use any of those.
Foursquare, Pinterest and IMDB I occasionally ended up on following a Google search result. Etsy, PBS and Yelp I don't even know what it is. Netflix is not available here (I'm not in the US). Spotify may be interesting, getting back to following the music world again. But there must be alternatives for that as well.
They are not like Apple, just hoarding tons of cash, they don't actually have a tone of money left over.
Companies like Apple and Microsoft make so much money that they simply don't know what to spend it on. They hoard out of sheer necessity. Google has a similar problem, but they're a tad more creative when it comes to spending money (hence the robotic cars and other hobby projects you see coming out of that company).
Until operations are held accountable for their actions -- which is something
that we USED to do on this network, a long time ago -- most won't bother.
And that is, in large part, why problems like spam and phishing and malware
are epidemic.
Here you go wrong with your argument.
We DON'T want an ISP to police their network, do we? Why would an ISP have to be responsible for what users do with their network? Do you want them to police against possible copyright infringement, and block torrents, as well? Do you want them to read your messages, to make sure you don't post anything offensive on the networks?
All along we have been arguing for net neutrality. Just give us the connection, and let us decide what data we pass over that connection. And let the end user be responsible for their actions.
Now the enforcement of anti-spam and anti-phishing laws is notoriously difficult on the Internet, partly thanks to the international nature of the network, and ISPs have the right to sell to whoever they want, and to stop selling to whoever they don't want any more, which could very well be in response to complaints.
Not birds, but I do recall a Mythbusters episode where they tried it with small aircraft and found a similar effect. Must have been a quite scary experiment :-) And as others pointed out, many wind tunnel experiments showed the same effects as well.
"The man using the phone explained to the irritated man that he was simply texting his 3-year-old daughter" (...) ..and what kind of parent gives their 3 year old kid a cellphone anyway?
I assume here that he was texting the babysitter.
Even if the 3yo had her own phone, she wouldn't be able to read the message, and at that age is not likely to be left home alone.