Actually, the FIDO U2F standard would not allow man-in-the-middle attacks with a spoofed website. The key will only work with the specific domain that authenticated the key, so a fake domain wouldn't work. If the website itself is hacked on the back end, then all bets are off. Same thing if the user's browser/computer is hacked.
Foreign companies are required to form joint ventures if they want to do business in China and there's usually "forced" transfer of IP. More often than not, the IP ends up getting stolen.
Funny that you haven't provided an answer to OP's question. When I read the question, I thought about how he was hacked. Your response to being hacked depends on the threat model you are trying to contain. Did he click on a bad link that implanted malware? Did he download a virus from a warez site? Did he have weak passwords that compromised his email accounts? The solution to each problem is different. For instance, using user accounts and not admin accounts would help. So would using uOrigin or OpenDNS or other program to block bad links. A virus scanner might be in order if he's getting malware. Heck, he might want to spend money on backup solutions to protect his data! Weak passwords? Two-factor and a password manager. So I understand why more information is needed to provide a good answer.
But we have zoning laws that regulate the use of land. We don't let people build hotels or conduct business activities in residential neighborhoods, for instance. AirBnB is essentially allowing residential neighborhoods to be used as commercial enterprises, and that's pushing up the rents "unfairly" to the extent that it's against the zoning laws.
To demonstrate the dangers of jury nullification, let's not forget that white juries would routinely refuse to convict white men of the murders of blacks.
Firefox also refuses to implement FIDO U2F for cheap, reliable two-factor authentication. Right now, only Chrome and Opera support this functionality, and this is the only reason I am not using Firefox at the moment.
American tax policy gives an advantage to automation over labor. An employer must pay payroll taxes, maintain unemployment insurance and workers' compensation, and might have to offer health insurance. Employees are also protected by very strict rules on overtime. Meanwhile, machines are not subject to any of these taxes, rules, and regulations.
Yes, but there is a doctrine that limits what a patent-holder can charge for a technology that is essential for compliance with an industry standard. Google "FRAND" to get more information.
The article is deceptive and clickbait. Everyone has to comply with court orders, even though you can appeal them, but if you lose your appeal, you have to comply. The BB executive is making the point that "heck, our encryption is so good that we can't crack it even if we had to do it."
No one else supports the FIDO U2F security key standard in their browser. FireFox should be getting around to it anytime now, and I believe that Opera does. But that's probably why: the valid technical reason is that no one else supports the security standard.
Medical records are not supposed to be open to everyone in the medical facility. Accessing medical information just for shits and giggles will get you fired.
I found that more disconcerting than money theft. These dudes are trying to hack activists to sabotage their political action. It's like Mexico hacking journalists.
Levandowski founded Otto in January 2016 and was bought out by Uber in August 2016 for $680 million. It's interesting to note that there were multiple ex-Googlers who were in Otto but only Levandowski has been targeted by Google, which makes me think it isn't 100% purely bitterness by Google.
That's not true. Definitely not true. The "cloud" hasn't weakened encryption because WhatsApp and Signal (more Signal than WhatsApp) use an open-source protocol that is zero-knowledge through transit. The guys running the servers don't know the contents of the communications. (I believe that WhatsApp collects metadata but Signal does not.)
Google's Android and Apple's iOS are not being deliberately bugged with back doors. For fuck's sake, Android is open-source. It is possible to compile Android from the source code to make sure there aren't back doors. Apple patched iOS ten days after it learned that a private spy company had compromised iOS. When the FBI wanted to force Apple to hack the iPhone, Apple went to court to stop them, and finally forced the FBI to pay a private company to break the phone.
Nah. If your computer is hacked and the apps are compromised, then there is no way for that to be safe. The bad guys can put in their own certificates, etc.
Why would I use Telegram if I were concerned about security? It has a closed-source, roll your own crypto system. WhatsApp and Signal use OpenWhisper.
Anyway, WhatsApp might have security vulnerabilities or backdoors but the reported "backdoor" isn't a backdoor. It's a design choice, and there is an option for security-conscious people to see when a new crypto key is generated.
Well, he's referring to medical evidence that loneliness has been associated with a 30% raise in mortality, and posters in this thread are saying, "Yeah, but who benefits from this study" or "I feel great without friends." It's like saying, "Yeah, my grandfather smoked two packs a day and he lived to 100 so smoking is fine." A normal reaction to anecdotal evidence would be "that's bullshit."
Trump's Taiwan excursion was heavily planned after months of lobbying by Bob Dole and other registered foreign agents of Taiwan. Oh, and the Trump Organization sent someone to investigate a potential billion dollar deal to develop land in Taiwan while this was going on. But no conflict of interest there!
Slashdot Mirror
Actually, the FIDO U2F standard would not allow man-in-the-middle attacks with a spoofed website. The key will only work with the specific domain that authenticated the key, so a fake domain wouldn't work. If the website itself is hacked on the back end, then all bets are off. Same thing if the user's browser/computer is hacked.
https://www.yubico.com/2017/10...
Foreign companies are required to form joint ventures if they want to do business in China and there's usually "forced" transfer of IP. More often than not, the IP ends up getting stolen.
Funny that you haven't provided an answer to OP's question. When I read the question, I thought about how he was hacked. Your response to being hacked depends on the threat model you are trying to contain. Did he click on a bad link that implanted malware? Did he download a virus from a warez site? Did he have weak passwords that compromised his email accounts? The solution to each problem is different. For instance, using user accounts and not admin accounts would help. So would using uOrigin or OpenDNS or other program to block bad links. A virus scanner might be in order if he's getting malware. Heck, he might want to spend money on backup solutions to protect his data! Weak passwords? Two-factor and a password manager. So I understand why more information is needed to provide a good answer.
But we have zoning laws that regulate the use of land. We don't let people build hotels or conduct business activities in residential neighborhoods, for instance. AirBnB is essentially allowing residential neighborhoods to be used as commercial enterprises, and that's pushing up the rents "unfairly" to the extent that it's against the zoning laws.
To demonstrate the dangers of jury nullification, let's not forget that white juries would routinely refuse to convict white men of the murders of blacks.
Firefox also refuses to implement FIDO U2F for cheap, reliable two-factor authentication. Right now, only Chrome and Opera support this functionality, and this is the only reason I am not using Firefox at the moment.
Sure, but Amazon is bullshit. Get on that website, search for a Google Home, and they offer to sell you an Alexa.
American tax policy gives an advantage to automation over labor. An employer must pay payroll taxes, maintain unemployment insurance and workers' compensation, and might have to offer health insurance. Employees are also protected by very strict rules on overtime. Meanwhile, machines are not subject to any of these taxes, rules, and regulations.
Yes, but there is a doctrine that limits what a patent-holder can charge for a technology that is essential for compliance with an industry standard. Google "FRAND" to get more information.
The article is deceptive and clickbait. Everyone has to comply with court orders, even though you can appeal them, but if you lose your appeal, you have to comply. The BB executive is making the point that "heck, our encryption is so good that we can't crack it even if we had to do it."
No one else supports the FIDO U2F security key standard in their browser. FireFox should be getting around to it anytime now, and I believe that Opera does. But that's probably why: the valid technical reason is that no one else supports the security standard.
I wish Google will give me the option of disabling text messaging as a second factor for authentication.
Medical records are not supposed to be open to everyone in the medical facility. Accessing medical information just for shits and giggles will get you fired.
http://www.nydailynews.com/ent...
I found that more disconcerting than money theft. These dudes are trying to hack activists to sabotage their political action. It's like Mexico hacking journalists.
Levandowski founded Otto in January 2016 and was bought out by Uber in August 2016 for $680 million. It's interesting to note that there were multiple ex-Googlers who were in Otto but only Levandowski has been targeted by Google, which makes me think it isn't 100% purely bitterness by Google.
WRONG. This was a radio satellite designed to spy on you even if you stay indoors.
That's not true. Definitely not true. The "cloud" hasn't weakened encryption because WhatsApp and Signal (more Signal than WhatsApp) use an open-source protocol that is zero-knowledge through transit. The guys running the servers don't know the contents of the communications. (I believe that WhatsApp collects metadata but Signal does not.)
Google's Android and Apple's iOS are not being deliberately bugged with back doors. For fuck's sake, Android is open-source. It is possible to compile Android from the source code to make sure there aren't back doors. Apple patched iOS ten days after it learned that a private spy company had compromised iOS. When the FBI wanted to force Apple to hack the iPhone, Apple went to court to stop them, and finally forced the FBI to pay a private company to break the phone.
https://www.nytimes.com/2016/0...
I use DiceWare.
http://world.std.com/~reinhold...
Nah. If your computer is hacked and the apps are compromised, then there is no way for that to be safe. The bad guys can put in their own certificates, etc.
I will bet you that these guys will be doing oil changes and brake jobs and leave the complicated stuff to "real" mechanics.
Yep. Not sure what's so hard about it. Pull the physical card out of the laptop and be done with it.
Why would I use Telegram if I were concerned about security? It has a closed-source, roll your own crypto system. WhatsApp and Signal use OpenWhisper.
Anyway, WhatsApp might have security vulnerabilities or backdoors but the reported "backdoor" isn't a backdoor. It's a design choice, and there is an option for security-conscious people to see when a new crypto key is generated.
Well, he's referring to medical evidence that loneliness has been associated with a 30% raise in mortality, and posters in this thread are saying, "Yeah, but who benefits from this study" or "I feel great without friends." It's like saying, "Yeah, my grandfather smoked two packs a day and he lived to 100 so smoking is fine." A normal reaction to anecdotal evidence would be "that's bullshit."
Trump's Taiwan excursion was heavily planned after months of lobbying by Bob Dole and other registered foreign agents of Taiwan. Oh, and the Trump Organization sent someone to investigate a potential billion dollar deal to develop land in Taiwan while this was going on. But no conflict of interest there!
Just note that Blue Origin is a sub-orbital rocket. SpaceX has put stuff into orbit and recovered the first stage, which is much more complicated.