Slashdot Mirror


User: pipedwho

pipedwho's activity in the archive.

Stories: 0 · Comments: 677

Comments · 677

  1. Re:Aww...you're no fun anymore on The Super-Secure Quantum Cable Hiding In the Holland Tunnel (bloombergquint.com) · · Score: 1

    That was funny though!

  2. I know you're probably going for funny. But, that is the point of QKD. If the entangled photons are observed mid transit, they will be altered or not arrive at the destination. When this happens the distributed keys won't match and therefore the encryption/signatures will fail and the interception will be detected. The summary is incorrect in how it describes the working of QKD.

    QKD still relies on classic crypto to encrypt the channel and verify the authenticity of the keys and the participants, otherwise it is susceptible to a 'QKD middleman' attack. What QKD is doing is guaranteeing that a potentially 'faulty' key exchange algorithm cannot be attacked in the future and the session keys determined. This removes potential future attacks due to a future quantum computing or other successful attack on prime factor, modular exponentiation or elliptic curve based key exchange algorithms.

  3. Re:Let's not pretend we don't make exceptions on JD.com's Billionaire CEO Will Not Be Charged With Sexual Assault (bbc.com) · · Score: 0

    He was just a random guy who rented a tiny little retail space. Then somehow managed to wheel and deal over the last 20 years his way to billionaire status. He wasn't a billionaire when he rented that little space.

  4. Re:No examples, all we get is a commentary on Instagram Tightens Eating Disorder Filters (bbc.co.uk) · · Score: 1

    No argument from me. I'm just pointing out that a half arsed 'policing' effort is only hiding a symptom of a much deeper problem. IME, the vast majority of people are weak minded, especially younger ones that are so beholden to peer pressure. The solution IMO isn't to pamper and shelter, but to educate and nurture. Which is how you've described your upbringing.

  5. No examples, all we get is a commentary on Instagram Tightens Eating Disorder Filters (bbc.co.uk) · · Score: 4, Insightful

    A commentary that purports that these terms are somehow 'encouraging' these negative direction eating disorders. No mention of the other direction leading to obesity and diabetes.

    We don't see any examples of banned terms, and no comparison and in fact completely ignoring all other aspects of media that indirectly induce this sort of thing. How many of these terms are really 'promoting' this?

    Look at women's magazines, diet ads, plastic surgery, exercise obsession, and so many other things that imply that physical appearance is king and you must do something about yours. The media/advertising push is that a 'perfect' body is achievable, and by implication 'you' are not perfect and have work to do (and ideally money to spend!).

    Emotionally impacted girls (and possibly some guys) become obsessed with what they eat, in a way that is so stressful that the act of eating itself produces stress and anxiety. Imagine, every time you felt hungry, something inside you made you feel nauseous and panicked. The more you try to eat to get better, the more you worry. The more you worry, the harder it is to eat and hold down what you do eat.

    Some of these banned/hidden searches may indeed be promoting this stuff. We don't know, because the article doesn't say, and may just be making stuff up. It might possibly be outright encouragement, or be as simple as some trigger images/words that add to the stress. Meanwhile, the overwhelmingly pervasive sexy/beauty based advertising and other appearance based psychological targeted entertainment get a pass.

  6. Yeah, that ZTIC looks promising, but still flawed. Sadly, it depends on the OS and local software to be completely trusted. In the end, it could be remotely proxied by a compromised browser. If that little USB dongle had an LCD and confirm button, it would complete the security and completely remove the benefit of trojaning the OS, banking software or browser on the computer. If an attacker tried to change the account or the amount, it would be visible on the Dongle's LCD.

    The Yubikey looks very interesting too as they have an open standard based direct browser support/integration. So, like the ZTIC it effectively reduces the attack surface to having to compromise the browser or OS directly, rather than just a relatively simple phishing attack. Unfortunately, if the browser is compromised (or a trojan browser downloaded) an attacker can proxy the Yubikey physical presence challenge/response to a remote attacker's site. But, that is much more difficult than a simple phishing site.

    I like your idea of the cellular device. It doesn't matter if someone tries to steal the IMEI or redirect the cellular account, since the crypto in the product guarantees it always authenticates the bank (and vice versa). In fact, Apple or Google could include something like that as a standard feature in the trusted zone of their products along with a dedicated indicator on the product that only turns 'green' when the authentication tool is running in full display mode. Then you just set up for various secure sites/entities like is done for Google Authenticator, and either directly confirm with a button on the tool, or optionally use a confirmation code displayed on the secure display and entered into the browser. The confirmation code allows the system to use a simple transport like SMS to send the user encrypted/authenticated data and a confirmation code - meaning an SMS/IMEI redirect isn't going to help an attacker as they can't decrypt the SMS - so the user can enter it into an application on another to round-trip secure that application if necessary. For most things a direct 'confirm' button on the authentication tool would be a simple single button solution to secure access and transactions.

  7. Re:What they call two factor is still one factor on Iranian Phishers Bypass 2fa Protections Offered By Yahoo Mail, Gmail (arstechnica.com) · · Score: 1

    U2F is a significant improvement on faux two factor schemes because it not only directly provides a cryptographic challenge/response auth, but it uses features in the browser that are not controlled or can be overridden by scripts running in the accessed page. And as such provides a complete round trip cryptographically secure verification of what URL the browser thinks it's accessing.

    This lets the 'something you have' become the [browser + OS + PKI + U2F device]. Which means the attacker must now compromise one or more of these things to be able to intercept the communications path to/from the U2F key. The direct attack is to somehow compromise the system browser (zero day exploit, etc) or wait for the user to download a trojan browser. The compromised browser can then automatically redirect access attempts for a targeted secure site through a remote 'middle man' server which now also has proxied access to the U2F key. As such the remote site now has all the tools and information required to 'modify' the session of the attacker's choosing, e.g. a bank transfer to an account chosen by the attacker.

    Similarly, if the PKI is compromised (e.g. injected root authority certificates in for example a corporate firewall, Great Firewall of China, or some social engineering of a server cert provider along with a dns poisoning attack), the attacker can now have their phishing site auto redirect to the actual bank/secure URL (which is now running through the middle-manned tunnel). This PKI attack would be prevented if U2F challenge/response also included a hash of the session key/server cert that was being used to secure the channel and not just the URL. Ideally the U2F key would just perform the full SSL key negotiation itself so it becomes impossible to middle-man the session with an injected root authority cert. If it did that, then the secured site will not be accessible through a strict corporate firewall (or China's Great Firewall) that uses its own root authority cert in the browser to compromise PKI for deep packet inspection - but then again, that should be considered a feature, not a bug.

    U2F is definitely an improvement, and probably the best we're going to get for a while considering the pervasive requirement that sites be accessible via use of a generic remote display tool (the web browser).

  8. Re:Bullshit on Iranian Phishers Bypass 2fa Protections Offered By Yahoo Mail, Gmail (arstechnica.com) · · Score: 2, Interesting

    Problem here is that all these OTP (including SMS, Authenticator, etc) systems are glorified versions of the 1st factor 'something you know'. The something you have is only being used as the equivalent of a memory aid to boost the strength of the 'something you know' factor.

    The web browser is effectively a remote display for a secure server with generic security and a variable security interface provided by the remote system to display on the user's display (browser). A properly secured system (secure browser) would have a separate non-variable authentication dialog that is used to secure a channel. That dialog would use properly secure password exchange protocols like SRP. For second factor an API that allowed the browser security and authentication dialog to be proxied through the locally held USB 'second factor' would pretty much lock down the display so it only showed what could be locally encrypted and decrypted by the physically held factor, and as a bonus, the physical factor should have a mini LCD and 'confirm' button to allow the remote system to make sure certain risky actions are authenticated out-of-band of a potentially compromised browser and/or operating system.

    The above doesn't stop a local targeted trojan from faking the whole screen and using your password and hardware token for a completely remote session. But, it does stop any rogue site or middle man from impersonating the secure server that you are talking to. And an 'in the loop' hardware token with LCD and confirmation button would even prevent a compromised computer from faking the critical data in the session (such as account numbers, values, and confirming transfers).

    SMS based systems that send the full details per transaction with a 'confirm transfer to EntityX for $Y by entering the provided 6 digit code into the web portal' are an improvement, but are still susceptible to phone number hijacking.

    A better option is to use a specialised Banking App on the phone itself to perform the transaction. At least you know the App (unless the phone is compromised, or you downloaded the App from a 'bad' place) is going to authenticate the server and path and can use secure protocols for password exchange and transaction authorisation. This is closer to 2FA, because the bank could authenticate the App on initial setup, and from then on, you must use that phone and that App with that password. The Phone/App become 'something you have' and the password is the 'something you know'. Someone steals or you lose your phone, you have to set up the banking App again and generate a new password.

  9. What they call two factor is still one factor on Iranian Phishers Bypass 2fa Protections Offered By Yahoo Mail, Gmail (arstechnica.com) · · Score: 3, Informative

    The premise of multi factor security is that the authentication is performed in a way that guarantees each factor is an orthogonal channel. I.e. Something you know (i.e. information), something you have (a physical device), and something you are (your physical body).

    Sending something out of band to a user (or getting them to run an App that generates that something), that they then enter and send down the same authentication channel as the password is still single factor. Same applies to a photo of the user when a remote server is taking the picture with a remote 'camera' that is not under its secure control.

    The issue is that anyone that hijacks the connection (either with a mistyped/phished link, or a more sophisticated interception/trojan attack), can run a simultaneous session so the user sees a facsimile of the real site and performs all security requests to enter data along the same channel. Since the channel is hijacked, the attacker just runs a parallel session where they enter all the same data as the user in the real session, while the user enters data into the fake channel (including SMS codes, google authenticator codes, whatever).

    This reduces these techniques to a single factor 'something you know'. Even though some of that data is recreated at the last second (OTPs/codes) and then combined with longer term unchanging values such as password/userid/etc, it is still just a single use 'something you know', albeit something you only knew for a short time, and the knowledge is no longer usable.

    Even though these banking style faux 2FA systems are still just a single factor, One Time Passwords (OTPs) are an improvement over a single long term password as they are a single use 'something you know'. So they prevent an attacker having repeated access. OTPs can be known through a device (FOB), an App (Authenticator), an SMS message, or even a series of passwords or an algorithm you've memorised that allows the OTP to never be repeated. These hardware/software based '2nd factor' systems are simply memory boosters so you don't have to memorise anything complicated, or multiple single use codes. Some people call this 'two factor', but the authentication path still reduces to 'something you know' since with 'you' as proxy, at the time of entry, it is still clearly only 'something you know', and no longer 'something you have'. It is something you know, that I could come to know remotely, even if just for a single use, without having access to your 'something you have'.

    True 2FA 'something you have' would require the browser to authenticate through your 'authenticator device' where the device is verifying the communications path and data that the user is entering into it. True 3FA would have you enter a secure environment with the first two factors, then use securely controlled scanner(s) to verify that your physical body or a perfect facsimile is being scanned.
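    The origin-binding point made in comments 7 and 9 above, as an added illustration (not the commenter's code, nor any U2F library): a toy relying party accepts a forwarded OTP because six digits carry no information about which page they were typed into, but rejects a U2F-style assertion because the origin the browser actually connected to is part of the signed data. It assumes an HMAC over a per-registration shared key as a stand-in for U2F's ECDSA key pair, and constructed origin names.

```python
"""Why a forwarded OTP verifies but an origin-bound assertion does not.
Added illustration; the HMAC-based 'signature' stands in for U2F ECDSA."""
import hashlib
import hmac
import secrets

# Constructed scenario values (not from the comments above).
REAL_ORIGIN = "https://bank.example"
LOOKALIKE_ORIGIN = "https://bank-example.test"   # page the victim is really on


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1, dynamic truncation, decimal digits."""
    mac = hmac.new(seed, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def sign_assertion(key: bytes, challenge: bytes, origin: str) -> bytes:
    """Token signs challenge AND the origin the browser reports it is on."""
    return hmac.new(key, challenge + origin.encode(), hashlib.sha256).digest()


class Token:
    """U2F-style authenticator. The origin is supplied by the browser,
    not by page script, so the token always signs what the browser saw."""

    def __init__(self, key: bytes) -> None:
        self.key = key

    def sign(self, challenge: bytes, browser_origin: str) -> bytes:
        return sign_assertion(self.key, challenge, browser_origin)


class RelyingParty:
    """The legitimate site: stores OTP seeds and registered token keys."""

    def __init__(self, origin: str) -> None:
        self.origin = origin
        self.otp_seeds: dict[str, bytes] = {}
        self.token_keys: dict[str, bytes] = {}
        self.pending: dict[str, bytes] = {}

    def register(self, user: str, otp_seed: bytes, token_key: bytes) -> None:
        self.otp_seeds[user] = otp_seed
        self.token_keys[user] = token_key

    def issue_challenge(self, user: str) -> bytes:
        self.pending[user] = secrets.token_bytes(32)
        return self.pending[user]

    def verify_otp(self, user: str, counter: int, code: str) -> bool:
        # Only the digits arrive; nothing says where the user typed them.
        return hmac.compare_digest(hotp(self.otp_seeds[user], counter), code)

    def verify_assertion(self, user: str, claimed_origin: str, sig: bytes) -> bool:
        challenge = self.pending.pop(user)
        expected = sign_assertion(self.token_keys[user], challenge, claimed_origin)
        if not hmac.compare_digest(expected, sig):
            return False          # signature was made over some other origin
        return claimed_origin == self.origin   # and it must be OUR origin


def _setup() -> tuple[RelyingParty, bytes, Token]:
    rp = RelyingParty(REAL_ORIGIN)
    seed = b"12345678901234567890"            # RFC 4226 test seed
    token = Token(secrets.token_bytes(32))
    rp.register("alice", seed, token.key)
    return rp, seed, token


def legit_u2f_login() -> bool:
    rp, _, token = _setup()
    challenge = rp.issue_challenge("alice")
    sig = token.sign(challenge, REAL_ORIGIN)   # browser really is on the bank
    return rp.verify_assertion("alice", REAL_ORIGIN, sig)


def forwarded_otp_login() -> bool:
    rp, seed, _ = _setup()
    counter = 0
    code_typed_on_lookalike = hotp(seed, counter)   # user reads it off their app
    return rp.verify_otp("alice", counter, code_typed_on_lookalike)   # RP accepts


def forwarded_u2f_login(relay_claims_real_origin: bool) -> bool:
    rp, _, token = _setup()
    challenge = rp.issue_challenge("alice")          # relay opened a real session
    sig = token.sign(challenge, LOOKALIKE_ORIGIN)     # browser signs where it IS
    claimed = REAL_ORIGIN if relay_claims_real_origin else LOOKALIKE_ORIGIN
    return rp.verify_assertion("alice", claimed, sig)  # False either way


if __name__ == "__main__":
    print("legit U2F:", legit_u2f_login())
    print("forwarded OTP:", forwarded_otp_login())
    print("forwarded U2F:", forwarded_u2f_login(True), forwarded_u2f_login(False))
```

    Either way the relay loses: passing on the origin the victim's browser saw fails the origin comparison, and claiming the bank's origin fails the signature check.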

  10. Moral of the story, never remove the SD card from your phone before crossing the border. This manoeuvre is probably far more painful if there's nothing for them to find, and yet they keep looking.

  11. So let me get this straight.

    Some random customs officer takes a USB stick and puts it into someone's laptop. A laptop with total control of its own I/O systems, peripheral ports, and software execution environment. Maybe they try to run some custom software that exists on the USB stick. Maybe they try to boot your machine off their USB stick, or have it somehow run something from the USB stick before your host OS takes control.

    Then they take out the USB stick, hopefully wipe it off, and put it into someone else's laptop and do the same thing?

    And they think this is a good idea?

    I'll leave it up to the reader to see if they can find the problem with this.

  12. Why AI? on Making Trains Run on Time (economist.com) · · Score: 2

    Since all the AI can do is possibly activate indicator lamps or play messages to people to ask them to do things, then it isn't going to help. Considering that the problem is obvious at the outset, it doesn't take an AI to make it any more obvious.

    This is equivalent to just making one door 'in' and the other door 'out' in a variable rather than fixed manner. It can't solve the primary clearly known issues that were indicated: people standing too close to the yellow lines, holding doors, crowding doors, etc.

    You don't need cameras and AI if you can force people to evenly distribute themselves, stop crowding doorways, stop trying to enter through closing doors, and stand away from the edge of the platform. Even better, have a lit sign that directs the flow of people inside the carriage to one of the doors when the train is more than half full, and make sure the carriages line up properly on the platforms that also has lights so people know which is the 'entry' and which is the 'exit' door.

    It also helps when there are signs/announcements around the place that reminds people to 'stand away from the doors until passengers have finished exiting', 'stand to the left(or right) on the escalator if you're not walking', 'stand up and move towards to the carriage doors before the train arrives at the platform', 'stand back from the yellow line - or the train will be delayed', etc.

    One time we're sitting on the train waiting at the platform and the PA comes alive with: "please stand back from the doors". Followed about 20 seconds later with: "would the guy in the blue shirt and baseball cap in the third carriage stop holding the door as you are delaying the train from leaving the platform". Another 20 seconds: "to the guy holding the door, the security staff are on their way down to remove you and the friend you're waiting for from the train".

  13. Re: Never underestimate the bandwidth of a.. on The Future of the Cloud Depends On Magnetic Tape (arstechnica.com) · · Score: 1

    Well, it was "a station wagon full of tapes hurtling down the highway" when I first read it in Tanenbaum's Computer Systems textbook. And it's still funny twenty years later (mildly or otherwise), because it's still true.

    In fact the SETI project still does exactly this to deal with insufficient internet bandwidth by transferring data in the form of a big pile of magnetic tapes from the radio telescope array in Puerto Rico to California for analysis. Which, as alluded to in the summary, is a problem that may exist with the amount of data generated by this new telescopic array. And the reason I made the initial comment.

  14. Re:write bandwidth... on The Future of the Cloud Depends On Magnetic Tape (arstechnica.com) · · Score: 1

    I was going for funny. But, theoretically assuming the antenna array was operating continuously 24/7, then a few thousand tape drives all writing in parallel would significantly reduce the write bandwidth problem.

    The write bandwidth of any tape backup array needs to be at least as much as the average capture/save bandwidth of the data, otherwise it would never complete. In reality, that array would either pre-process some amount of data before archiving and/or only capture data in bursts - so total archival bandwidth may have spikes, but average to a readily achievable volume for archiving.

  15. Never underestimate the bandwidth of a.. on The Future of the Cloud Depends On Magnetic Tape (arstechnica.com) · · Score: 1

    ..truck loaded full of magnetic tapes.

  16. And sadly, even the Abrahamic/Christian 'God' is an anthropomorphism of a spirituality that can't properly be defined in that way. There are elements of the clergy and some lay folk in this category that have the understanding of that spirituality, and can see beyond the literal descriptions used in their scriptures. Yet most just look at the words, and those metaphorical descriptors are therefore lost. The metaphors only make sense to people that already have the deep insight and awareness of the metaphysical implications of something that defies language. The 'Sky daddy' concept of 'God' is an attempt to define the undefinable and somehow explain it to the masses. Organised religion is not a good example of explanations towards the metaphysical.

    Hawking used the capitalised term "God" implying those anthropomorphised versions of an entity or being that is defined as god. And the gross misunderstandings of huge numbers of closed-minded people that read words and see a punishing or otherwise 'sky daddy' have missed the concepts that religion is trying to reach at the deeper level. The New Testament can be summarised as 'god is love'. The Old Testament seems to include among some good insights, a lot of scare tactics to keep the followers in line (for better or worse). I can see how so many people get confused and end up 'condemning' the sinner, the 'un-believer', and the disabled man. In reality, they are not truly religious and are following their own emotional desires.

    And as you say, when you see the word "God" capitalised, you can be almost certain that the reference is to the Abrahamic literal surface description of god. Most likely Hawking was drawing the same conclusion.

  17. It's worse than that. The Apple car was probably merging at 1mph while the guy behind sped up to 15mph to fill a gap in the next lane over, but mistimed it. That part of Lawrence Expressway is like a huge parking lot during 'peak hour(s)' which lasts for a good half of the day, morning and evening.

  18. Re:15+ years ago I remember it detecting type on 90 Cities Install A Covert Technology That Listens For Gunshots (businessinsider.com) · · Score: 4, Funny

    Han shot first. Greedo never shot at all.

  19. Re:Double standards on Disney IT Workers Allege Conspiracy In Layoffs, File Lawsuits (computerworld.com) · · Score: 1

    The difference is that Uber is disrupting a service/industry that is only non-competitive because of monopoly style regulatory capture. That is anti-capitalist and therefore ripe for displacement (and subsequent cheering). A typical employee cab driver still has the option to drive for Uber. It's the 'badge' holders and dispatch companies that are being hard hit, because they were protected from competition for so long by being able to buy up the limited number of taxi licenses that were made available in a given area.

    Whereas the IT workers being displaced is happening for the opposite reason. I.e. H1-B regulations are allowing employers (monied interests) to bring in temporary cheap labor thus driving down the value of the resource in a smaller segment without affecting the value of the economy as a whole.

    If workers were either required to have some kind of permanent residency (or be aiming towards it - i.e. immigrants), or there were absolutely no restrictions on workers or immigration, then the system would be pure capitalist. However, in that case, the whole economy would be affected equally, and the cost of living would drop (or the dollar would drop), thus equalising/buffering the effect. That would effectively remove any benefit to the corporation from the above behaviour, thus curtailing the behaviour in a natural capitalistic way.

    So, no, this is not capitalism working. If anything, it is 'corporatism' working.

  20. How can this guy seriously make the argument that something should be legal simply because people knew it was happening (likely illegally) before hand. Taking this line of reasoning, it could be argued that being illegally searched without probable cause is now legal simply because people expect it to happen anyway (even if they don't agree or like it).

    While he's at it, why not apply this argument to every clause in the Bill of Rights and have the whole constitution repealed! Law enforcement have been 'getting away' with all sorts of activities that fly in the face of just about every clause in there. If there was a clause that specifically forbade the use of the Constitution to wipe one's ass, you know it'd be covered in shit. Come to think of it, I wonder what was written under that brown stain at the bottom of the document.

  21. Re:Real power generation doesn't need belief on Cold Fusion and the Reputation Trap (aeon.co) · · Score: 1

    The problem with that reasoning is it assumes someone has secretly funded a potentially long and expensive development path that extends well beyond what a first stage researcher may have discovered.

    For example, let's say the Pons & Fleischmann experiment actually did work and was reproducible. It still wouldn't have sufficient output to do anything useful without further research. So there is no way they could sit on their discovery and make their own megawatt scale cold fusion generator.

    The key to dealing with those types of discoveries is either requiring scientific disclosure with appropriate reproducibility (and possibly a patent application with supporting evidence), or hoping an investor will pony up some cash to build a research team to further the investigation (day 1 being reproduction and measurement of the initial claims by an independent group and day 2 depending on the outcome of day 1).

    Shenanigans like 'black boxes', and NDAs requiring an investigating party not disclose negative results, etc, are a red flag indicating that the claimants are trolling for gullible investors.

  22. Re:More info on Rubber Tanks and Sonic Trucks: the Ghost Army of World War II (hackaday.com) · · Score: 3, Insightful

    Probably a really good thing that they ran, as they would have been dramatically outnumbered if they'd hung around to 'fight'.

    Keep in mind that this was a couple of guys in a vehicle pretending to be a whole battalion. So any attack on them would have been made by a force big enough to have some chance of success against the much larger 'illusory' target.

  23. Extend this concept to other areas too on Geneticists Push For Databases Over Journals As Main Source of Information (theatlantic.com) · · Score: 2

    Any research or study of merit should be put into a database. This helps not only verification and result replication, but also makes searching and cross referencing far more effective. The verbosity required for journal publication is unnecessary, and the formats unusable without re-entering the data for proper formatting and processing.

    Other areas that desperately need database coverage are things like copyright / patent / trademark registrations. In fact, copyright should go back to a registered concept (instead of the default copyright system that we have now) and the work must be added to the fully searchable database with all appropriate key fields and variants (e.g. lyrics + score + references + recording for music, etc). Trademarks and patents are currently searchable only because of entities like Google, and not because they are made properly accessible (by the government offices in question) including all pertinent raw data, references, and patent examiner notes that go into the applications.

  24. Improvements to OCR? on Breakthrough In Automatic Handwritten Character Recognition Sans Deep Learning (technologyreview.com) · · Score: 4, Interesting

    I hope this heralds in some significant improvements to basic OCR. It amazes me that OCR against a printed document still doesn't always yield 100% success. Even worse are OCRs on printed music manuscripts. The recognition and transcription quality is atrocious.

    And yet, these guys can recognise handwriting with incredible accuracy.

    I keenly await when these algorithms can be expanded to general OCR / document recognition. Even if there need to be specific models for each type of document.

  25. So MacKeeper is actually real?!? on MacKeeper Discloses 13 Million Mac Users' Details With Poor Hash Protection (mackeeper.com) · · Score: 4, Insightful

    With the amount of "MacKeeper" subterfuge style pop-up ads that appear all over the place, I've always assumed that it was a scam. Kind of like the random calls you get from India saying your Windows machine has a virus - even if you don't use Windows.