A rather alarmist post that overshadows the progress Google puts forth here. Two-factor authentication is long overdue for communications that is critical and private for businesses and individuals alike.
1.) Firstly and most importantly, the "mandatory" is pure guessing/speculation. Google almost always implements an opt-out system for such features. 2.) Secondly, if you're the type that relies on e-mail being available everywhere (business-types), chances are your phone is also everywhere with you. The large majority already bring their phones everywhere with them. Those that don't are a really small group.
Furthermore, it is very easy for Google to implement something like this:
- Read-only and/or Reply-only mail for the past 24 hours if you only have the password, with no changes permitted to settings and all attempts logged. - Full access if you are able to reproduce the code. Those logging in through this way will be clearly warned of any past password-only attempts.
This way, leakage of personal information and impersonation will be minimized whilst those needing their latest updates from email everywhere can get it.
But one can also understand Google's stance when it comes to this issue.
There have already been numerous complaints how the Google App Market is terrible fractured and hence not appealing due to the widely varying hardware configurations and OS versions each Android device is currently using. Loosening the CCD and removal of more compulsory hardware requirements will only fracture the App Market even more.
Here are some of the forseeable effects: - Consumers are pissed how wonderful-app-X is not available for their tablet because it lacks a camera or a GPS. - Developers are pissed at how limited their target audience is if they wish to fully utilize the hardware of the device due to the fragmented nature of the platform.
As a result, developers' creativity with applications are limited, consumers buy less applications, the vicious cycle continues and the App Market can't ever match up to the Apple App Store.
DMCA is often confused with trademarks and patents.
DMCA specifically addresses copyright infringement and DRM circumvention. It does not, and cannot, be used to threaten to take down a site based on trademark or patent claims alone.
For those, you will likely need a lawyer to send a Take Down notice or file a suit.
Seriously, you think THAT is a big deal? How about Amazon, who not only does the billing, invoicing, tracking, serving, but also SHIPPING and RETURNS. Now THAT is an impressive feat.
"On March 26, 2010, Amazon had a higher market cap than Target Corporation, Home Depot, Costco, Barnes and Noble, and Best Buy, only lagging that of Walmart among American brick and mortar retailers"
The difference is Amazon has been around since 1994, but the App Store has only been around for the past 2.5 years. (We're only counting apps, not music, here.)
Their explosive growth is impressive because: - It shows their ability to get their users to actually buy and/or use the apps on their devices. - It shows their ability to attract and gather a great number of developers in a short span of 2.5 years. - It shows their ability to maintain an infrastructure sufficient to handle that traffic.
I'm rather annoyed at how many app developers are creating poorly-written, advertisement-filled versions of their web pages taking no advantage of being native at all. *glares at newspapers* I'd much prefer a platform-neutral, mobile version of the web page that will at least work for other OSes such as Android, WebOS, etc.
I had the impression that most, if not all, phones are vulnerable to this attack due to the inherent flaws in GSM. This is a rather old news article that has been reported multiple times.
Why is it suddenly "news" again when someone discover it works on the iPhone? And if you're on about targeting business users, won't a compromised Blackberry be as, if not more, significant?
There is a net benefit as to carbon emissions, though not by much.
There are other benefits though: - Money is redirected from going to Middle East/Oil to electric car manufacturers (China) and funding alternative energy sources (Nuclear, Solar, Wind). At least you're not funding a war or some ego-building by Dubai. - Pollution is redirected to the electric car manufacturers (China) instead of local pollution.
Whilst the short term carbon benefits are not apparent, they become more obvious in the long term. Otherwise, we'll be forever stuck in argument due to the high initial costs.
Please read up on how overselling works; the masses overpay a little (for peace of mind) to cover the loss from heavy users. This model can work well, and is how cable and telephone companies operate. They are a sham the same way every single telephone, cable and internet providers is shamming.
You think you're so cool using non-oversold bandwidth? Newsflash: Even upstream ISPs oversell as well.
The world is better off without amateurs like you raking this generation a bad rep.
I'd take the iPhone for example, since the game library it has is far larger.
Here are some games that rival the consoles: - Crimson Gem Saga (PSP Port, 9.99) - Need for Speed: Hot Pursuit (4.99) - Lego HP (4.99) - Fieldrunners - Carcassonne
Most of them have console ports, with some games like Fieldrunners having been so well-received that they've been ported to consoles. Notice, as well, that they are often far cheaper than their console counterparts (Crimson Gem Saga sells for 30+ on the PSP).
Sure, there's alot of trash on smartphones, but that's to be expected from the low barrier of entry to the app store. There's alot of trash on the DS and PSP too, but comparing who has worse games is a race to the bottom.
I think by that they mean, there are less false positives with de-obfuscated code. Obfuscation probably messes up their malware detection by falsely triggering (after all, obfuscating is rather suspicious considering its pretty useless for protection).
I really like PDF's ability to retain the font and display of the document without worrying about fonts and the application. Since I have to distribute documents that are read on a variety of systems, including Linux, OSX, iPhone/Pad and Windows, PDF really beats all other alternatives in compatibility.
Adobe should really work on creating a text/image-only version of PDF without their fancy password protecting features and what-not. If they don't, perhaps an open source group can take on the challenge.
It's sad that such an uninformative troll post is modded insightful.
Nowhere in the source did they confirm that his account was compromised due to a weak password. The source speculates it to be so, but given Twitter's security record it may not be so. Perhaps his password was recovered with forgot password, or a vulnerability found.
Furthermore, weak passwords aren't the only way passwords get compromised. More often than not, social engineering or a brute force of his publically available information is used. He may have fallen for a phishing attempt in which a layman is unable to differentiate, or used an infected PC.
Most importantly, either technical inexperience or weak passwords doesn't justify impersonation or calling anyone an asshat. Slashdot must accept that people are skilled in different fields, and IT is just but one of them. There's this foolish mentality around here that everyone must be experienced and knowledgeable in IT, when slashdotters are themselves clueless in many other fields - for example, fashion or (.
Would you prefer to be sued over loss of company data/secrets/etc in the event that you lose your phone?
I would say that this is perfectly reasonable provided they let you know in advance. They aren't reading your personal data, they are simply given the ability to delete it when you are no longer an employee, or you lose your phone.
It's also good to note that iTunes automatically backs up your phone/pad/touch device. So that actually covers the "keep a backup" part of the argument.
As much as Windows is a piece of crap in terms of security, other operating systems have flaws too, zero-day as well. In fact, Windows is much more persistent about getting you to update (due to the bad rep over the years) than other operating systems like Linux.
If someone (guessed to be state-backed) is going through so much effort to target such a specific industrial system, their intelligence should have no problem identifying the OS you use. From there on, it's just finding a zero-day vulnerability to exploit to release the next targeted attack.
The real solution is better security practices. Industrial systems AND the systems used to program/control them should be properly isolated from the outside world. Developers and techs should not be able to bring their own laptops in, plug a USB in or anything of the sort.... and more. Those are just a small subset of good security practices. A lot more can be done.
For all it's openness, Android is being crippled by phone manufacturers.
Let me quote you an example. I have a HTC Hero that was released in July 2009 with Android 1.5 and it has been lagging badly behind on Android releases since then. Android 2.1 was released in Jan 2010, but the Hero only got the update in June 2010, a six months delay. Hero is also not getting any more updates. A lot of applications won't run on the Hero, especially games, because the Hero is not as powerful as the higher end models these games are built for. People do care when the applications they expect an Android phone to run, won't run. Their phones are becoming outdated in less than 2 years. (Don't mention rooting; because that'll bring in iOS jailbreaking as well which would also defeat those arguments about iOS being a walled garden)
Now, some of you might say, 2 years is a long time - it's time to change your phone! Let's pit this against the iPhone 3GS which was released in June 2009. The iPhone 3GS has received every update exactly the same time as the newer iPhone 4, and updates are likely to continue until at least iOS 5, if not later. All of the apps that run on the iPhone 4 will run without problems on the 3GS as well, with the exception of HD video recording.
Frankly, I want to embrace Android and it's merits. I'm using Linux on all computers at home except one (due to application requirements). However, having experienced both Android and the iPhone, I would say that the iPhone is superior to the Android in most ways if not all. The iOS has a far more extensive app library; the iPhone has a much longer life cycle than the Android; and to top it all off it is a well built piece of hardware (dropped dozens of times without any problems).
Maybe the Android will win the in future. But the fragmentation and diverse hardware specs is a bigger problem than you think. When someone buys an Android phone and the app doesn't work, they don't blame HTC, they blame Android, because that's the stuff most phonemakers advertise.
I don't think MPAA even understands technology or the internet, or you won't see them suing individual filesharers (way to boost your karma!) and trying to take down stuff like Limewire (by the time you're done, 10 alternatives appear!).
They are genuinely worried about their business model; and for good reason - those execs are used to millions of dollars per year salaries and generally don't want to lose those salaries. Right now, they're just resisting any form of non-DRM technology for the simple reason that they don't understand it that well, really.
Actually mono isn't lagging THAT far behind..NET Framework 4.0 was released in April, mono added compatibility for it in September. Of course there are still some missing classes, but considering Microsoft had a 2.5 year head start, mono is actually doing pretty well.
Slashdot Mirror
World to US: Your carriers are screwing you over, not the smart/dumbphone makers.
I have a subsidized iPhone at $25/mo.
A rather alarmist post that overshadows the progress Google puts forth here.
Two-factor authentication is long overdue for communications that is critical and private for businesses and individuals alike.
1.) Firstly and most importantly, the "mandatory" is pure guessing/speculation. Google almost always implements an opt-out system for such features.
2.) Secondly, if you're the type that relies on e-mail being available everywhere (business-types), chances are your phone is also everywhere with you. The large majority already bring their phones everywhere with them. Those that don't are a really small group.
Furthermore, it is very easy for Google to implement something like this:
- Read-only and/or Reply-only mail for the past 24 hours if you only have the password, with no changes permitted to settings and all attempts logged.
- Full access if you are able to reproduce the code. Those logging in through this way will be clearly warned of any past password-only attempts.
This way, leakage of personal information and impersonation will be minimized whilst those needing their latest updates from email everywhere can get it.
Morality is a very subjective topic, what's moral to me (e.g. euthanasia) may not be moral to you.
If you see it from a mainland-China perspective, their "stealing" may be deemed justified considered how much of US's crap China has to put up with.
But one can also understand Google's stance when it comes to this issue.
There have already been numerous complaints how the Google App Market is terrible fractured and hence not appealing due to the widely varying hardware configurations and OS versions each Android device is currently using.
Loosening the CCD and removal of more compulsory hardware requirements will only fracture the App Market even more.
Here are some of the forseeable effects:
- Consumers are pissed how wonderful-app-X is not available for their tablet because it lacks a camera or a GPS.
- Developers are pissed at how limited their target audience is if they wish to fully utilize the hardware of the device due to the fragmented nature of the platform.
As a result, developers' creativity with applications are limited, consumers buy less applications, the vicious cycle continues and the App Market can't ever match up to the Apple App Store.
DMCA is often confused with trademarks and patents.
DMCA specifically addresses copyright infringement and DRM circumvention.
It does not, and cannot, be used to threaten to take down a site based on trademark or patent claims alone.
For those, you will likely need a lawyer to send a Take Down notice or file a suit.
Hey America,
This is what it means to have an impartial judiciary body.
Try to buy your Congress and Courts back from the conglomerates, it'd do you a lot of good.
You might want to start with your supreme court:
http://www.guardian.co.uk/commentisfree/michaeltomasky/2011/jan/27/usdomesticpolicy-clarence-thomas-what?
Seriously, you think THAT is a big deal? How about Amazon, who not only does the billing, invoicing, tracking, serving, but also SHIPPING and RETURNS. Now THAT is an impressive feat.
"On March 26, 2010, Amazon had a higher market cap than Target Corporation, Home Depot, Costco, Barnes and Noble, and Best Buy, only lagging that of Walmart among American brick and mortar retailers"
The difference is Amazon has been around since 1994, but the App Store has only been around for the past 2.5 years. (We're only counting apps, not music, here.)
Their explosive growth is impressive because:
- It shows their ability to get their users to actually buy and/or use the apps on their devices.
- It shows their ability to attract and gather a great number of developers in a short span of 2.5 years.
- It shows their ability to maintain an infrastructure sufficient to handle that traffic.
+1.
I'm rather annoyed at how many app developers are creating poorly-written, advertisement-filled versions of their web pages taking no advantage of being native at all. *glares at newspapers*
I'd much prefer a platform-neutral, mobile version of the web page that will at least work for other OSes such as Android, WebOS, etc.
I had the impression that most, if not all, phones are vulnerable to this attack due to the inherent flaws in GSM.
This is a rather old news article that has been reported multiple times.
Why is it suddenly "news" again when someone discover it works on the iPhone?
And if you're on about targeting business users, won't a compromised Blackberry be as, if not more, significant?
It's not too late at all.
The HTTP server can redirect you based on your location.
You need to read in context.
Force here refers to external force.
There is a net benefit as to carbon emissions, though not by much.
There are other benefits though:
- Money is redirected from going to Middle East/Oil to electric car manufacturers (China) and funding alternative energy sources (Nuclear, Solar, Wind). At least you're not funding a war or some ego-building by Dubai.
- Pollution is redirected to the electric car manufacturers (China) instead of local pollution.
Whilst the short term carbon benefits are not apparent, they become more obvious in the long term.
Otherwise, we'll be forever stuck in argument due to the high initial costs.
If you're going to be a troll, don't be a coward.
Please read up on how overselling works; the masses overpay a little (for peace of mind) to cover the loss from heavy users.
This model can work well, and is how cable and telephone companies operate.
They are a sham the same way every single telephone, cable and internet providers is shamming.
You think you're so cool using non-oversold bandwidth?
Newsflash: Even upstream ISPs oversell as well.
The world is better off without amateurs like you raking this generation a bad rep.
These people playing games on their smartphone probably would probably never buy a portable gaming device.
The article states that nearly 30% of the respondents playing games on their smartphone own an abandoned DS or PSP.
You clearly haven't tried many smartphone games.
I'd take the iPhone for example, since the game library it has is far larger.
Here are some games that rival the consoles:
- Crimson Gem Saga (PSP Port, 9.99)
- Need for Speed: Hot Pursuit (4.99)
- Lego HP (4.99)
- Fieldrunners
- Carcassonne
Most of them have console ports, with some games like Fieldrunners having been so well-received that they've been ported to consoles.
Notice, as well, that they are often far cheaper than their console counterparts (Crimson Gem Saga sells for 30+ on the PSP).
Sure, there's alot of trash on smartphones, but that's to be expected from the low barrier of entry to the app store.
There's alot of trash on the DS and PSP too, but comparing who has worse games is a race to the bottom.
I think by that they mean, there are less false positives with de-obfuscated code.
Obfuscation probably messes up their malware detection by falsely triggering (after all, obfuscating is rather suspicious considering its pretty useless for protection).
That sounds like China.
I really like PDF's ability to retain the font and display of the document without worrying about fonts and the application.
Since I have to distribute documents that are read on a variety of systems, including Linux, OSX, iPhone/Pad and Windows, PDF really beats all other alternatives in compatibility.
Adobe should really work on creating a text/image-only version of PDF without their fancy password protecting features and what-not.
If they don't, perhaps an open source group can take on the challenge.
It's sad that such an uninformative troll post is modded insightful.
Nowhere in the source did they confirm that his account was compromised due to a weak password.
The source speculates it to be so, but given Twitter's security record it may not be so.
Perhaps his password was recovered with forgot password, or a vulnerability found.
Furthermore, weak passwords aren't the only way passwords get compromised.
More often than not, social engineering or a brute force of his publically available information is used.
He may have fallen for a phishing attempt in which a layman is unable to differentiate, or used an infected PC.
Most importantly, either technical inexperience or weak passwords doesn't justify impersonation or calling anyone an asshat.
Slashdot must accept that people are skilled in different fields, and IT is just but one of them.
There's this foolish mentality around here that everyone must be experienced and knowledgeable in IT, when slashdotters are themselves clueless in many other fields - for example, fashion or (.
Would you prefer to be sued over loss of company data/secrets/etc in the event that you lose your phone?
I would say that this is perfectly reasonable provided they let you know in advance.
They aren't reading your personal data, they are simply given the ability to delete it when you are no longer an employee, or you lose your phone.
It's also good to note that iTunes automatically backs up your phone/pad/touch device.
So that actually covers the "keep a backup" part of the argument.
That is not the solution.
From an earlier article, Stuxnet has been analyzed to be a very specific form of attack against a very specific industrial system.
http://it.slashdot.org/story/10/11/16/0347231/Stuxnet-Was-Designed-To-Subtly-Interfere-With-Uranium-Enrichment?from=rss
Their modification of the frequency to such precise values show that they know exactly how the architecture works.
This is a very targeted attack.
As much as Windows is a piece of crap in terms of security, other operating systems have flaws too, zero-day as well.
In fact, Windows is much more persistent about getting you to update (due to the bad rep over the years) than other operating systems like Linux.
If someone (guessed to be state-backed) is going through so much effort to target such a specific industrial system, their intelligence should have no problem identifying the OS you use.
From there on, it's just finding a zero-day vulnerability to exploit to release the next targeted attack.
The real solution is better security practices. ... and more. Those are just a small subset of good security practices. A lot more can be done.
Industrial systems AND the systems used to program/control them should be properly isolated from the outside world.
Developers and techs should not be able to bring their own laptops in, plug a USB in or anything of the sort.
For all it's openness, Android is being crippled by phone manufacturers.
Let me quote you an example.
I have a HTC Hero that was released in July 2009 with Android 1.5 and it has been lagging badly behind on Android releases since then.
Android 2.1 was released in Jan 2010, but the Hero only got the update in June 2010, a six months delay. Hero is also not getting any more updates.
A lot of applications won't run on the Hero, especially games, because the Hero is not as powerful as the higher end models these games are built for.
People do care when the applications they expect an Android phone to run, won't run. Their phones are becoming outdated in less than 2 years.
(Don't mention rooting; because that'll bring in iOS jailbreaking as well which would also defeat those arguments about iOS being a walled garden)
Now, some of you might say, 2 years is a long time - it's time to change your phone!
Let's pit this against the iPhone 3GS which was released in June 2009.
The iPhone 3GS has received every update exactly the same time as the newer iPhone 4, and updates are likely to continue until at least iOS 5, if not later.
All of the apps that run on the iPhone 4 will run without problems on the 3GS as well, with the exception of HD video recording.
Frankly, I want to embrace Android and it's merits. I'm using Linux on all computers at home except one (due to application requirements).
However, having experienced both Android and the iPhone, I would say that the iPhone is superior to the Android in most ways if not all.
The iOS has a far more extensive app library; the iPhone has a much longer life cycle than the Android; and to top it all off it is a well built piece of hardware (dropped dozens of times without any problems).
Maybe the Android will win the in future.
But the fragmentation and diverse hardware specs is a bigger problem than you think.
When someone buys an Android phone and the app doesn't work, they don't blame HTC, they blame Android, because that's the stuff most phonemakers advertise.
I don't think MPAA even understands technology or the internet, or you won't see them suing individual filesharers (way to boost your karma!) and trying to take down stuff like Limewire (by the time you're done, 10 alternatives appear!).
They are genuinely worried about their business model; and for good reason - those execs are used to millions of dollars per year salaries and generally don't want to lose those salaries.
Right now, they're just resisting any form of non-DRM technology for the simple reason that they don't understand it that well, really.
Will those spaceships run on Windows Mojave?
Actually mono isn't lagging THAT far behind. .NET Framework 4.0 was released in April, mono added compatibility for it in September.
Of course there are still some missing classes, but considering Microsoft had a 2.5 year head start, mono is actually doing pretty well.