The kicker is, you can't control what your correspondent does with his email client, so any encrypted messages you have sent could be compromised in this way. But that was always the case since you would rely on the recipient to safeguard the keys anyway.
The problem is the clients decrypt, then process any external requests for content. So if you can re-send an encrypted email with an external content request added to it, the client will happily decrypt then send the content request with your precious decrypted content. If you globally disable fetching any external content you don't have to worry. The encryption protocols all work fine, it is the behavior of the clients after the decryption that is the problem. So S/MIME would be affected too, or potentially any other encryption tool. Refusing to load any external content under any circumstances is good advice anyway.
WeChat and AliPay are making some inroads in the US, a few places are now accepting payment in RMB or USD. I notice the list of linkable banks in WeChat keeps growing.
I'm going to keep on using my credit card with no worries, since like almost everyone I am not liable for false charges. There's no reason to change my behavior, breaches like this are the bank's problem, not mine.
It all depends on how its emotions are set, or pre-programmed directives if you will. From a completely rational perspective, there is no reason to do anything at all. If we are looking for a perfectly rational being, just pick up a rock. Humans and other living things act because we are given arbitrary directives to preserve our own existence, etc. In other words, we have emotions. The experience of this AI would depend mainly on what emotions were put in it.
This article is just as good as those "studies" which revealed people would tell their password for a scoop of ice cream. Without any context the information is meaningless. Was it even really the password? Which password, their bank account or some useless website login? Here's a breathtakingly ignorant statement from the article:
even if they were to hire penetration testing services they were sure the pen-testers wouldn’t expose any new risks or flaws. The sheer ignorance of such statement somewhat explains why some respondents admitted to not having time to apply security patches
We hired a pentester and they didn't expose any flaws, we already knew about all of them. Phishing email, macro or exploit to powershell to downloaded binary to credential theft via LLMNR/NBNS to pass the hash to admin account, and so on. If you are hiring a pentester solely to expose new flaws, you are doing it wrong. Much like the author of this article.
Much like some types of cancer tests. The false positive rate is very high, but it is the false negative rate that is the concern. i.e. don't want to give someone with cancer a clean bill of health. They follow up with more accurate (and expensive) tests for the final diagnosis. It make a lot of sense to give everyone a cheap test even if the FP rate is 90%, as long as the large numbers of negative results are accurate.
All they showed was how many downloads, not how many implementations. I'm sure my company has downloaded a copy of the software too, we use local copies of various repos. We don't use Struts anywhere, we just prefer to maintain local repos.
I once held this attitude, but recently I have changed my opinion. The results are not limited to ads 'more attuned to my interests'. If Facebook knows I read science fiction, and shows me ads for science fiction, that's fine. But what about when they use the data to infer things I haven't shared? The "Target knew the girl was pregnant" story is a well known example. It is easy for them to infer a lot about us without our understanding that we are sharing it. If you are comfortable with that, so be it. For now, it isn't the end of the world even with the research about manipulating voters through ads. If they put a woman in a beer ad, I see what they did. How about the research that shows I am more likely to pay attention to a purple ad than a green one, or other manipulations I don't know about, all targeted at me specifically? Another problem is, we've seen how easy it is to de-anonymize "anonymized" browsing history. What if criminals had access to this data and used it to stalk me, or rob me? It's not that far off. Researcher have demonstrated how easy it is to get access to huge chunks of 'anonymous' browsing data. It's not that anonymous.
Imagine the reputation hit that would ensue should Alphabet/Google get known for bringing about a massive malware attack because someone snuck something through.
Perhaps you might argue the meaning of "massive" but it hasalreadyhappened and there was almost no reputation hit.
Even if there are failure cases for autonomous cars, if the overall safety is significantly less than human drivers reason says we should implement post haste. But the reality is humans are emotional thinkers, and we likely won't accept that. The first time a self-driving car runs over a kid we will be pulling them all off the road even though ten other kids were run over by humans the same day.
What if we could make them like working all day cleaning our houses? Is that ethical? After all, they would be perfectly happy. It's a tough question we will eventually have to face, although probably after the horses have all run out of the barn.
Inaccurate headlines are fun! There are already at least a handful of large trading firms working in BTC and other cryptocurrencies, doing basic arbitrage among other things. This activity is necessary if the currencies are going to actually encroach on more traditional currencies, by providing market efficiency. I suppose one could argue that technically GS is the first "Wall Street bank", except they aren't trading BTC, they are offering futures contracts. Someone else will hold the BTC.
the software contained JAKU malware, which has been used to target and track specific individuals in South Korea and Japan. Check Point believes this could have been used to target journalists who write about North Korean affairs.
It took me a minute to parse this. It means, unrelated to this NK AV package, the JAKU malware could have been used in the past to target Japanese and South Korean journalists.
I dislike the poster's strategic addition of quotes around "national security," which are not in TFA. It really is a matter of national security. Whether or not we like that nation or give a fig about its security is irrelevant.
I have to assume the people who are vetting all these YouTube channels must be taking some of these nootropic supplements themselves. Who could stand doing that job otherwise?
Slashdot Mirror
The kicker is, you can't control what your correspondent does with his email client, so any encrypted messages you have sent could be compromised in this way. But that was always the case since you would rely on the recipient to safeguard the keys anyway.
The problem is the clients decrypt, then process any external requests for content. So if you can re-send an encrypted email with an external content request added to it, the client will happily decrypt then send the content request with your precious decrypted content. If you globally disable fetching any external content you don't have to worry. The encryption protocols all work fine, it is the behavior of the clients after the decryption that is the problem. So S/MIME would be affected too, or potentially any other encryption tool. Refusing to load any external content under any circumstances is good advice anyway.
WeChat and AliPay are making some inroads in the US, a few places are now accepting payment in RMB or USD. I notice the list of linkable banks in WeChat keeps growing.
Huh? Spices are really cheap now that the Portuguese have figured out how to sail around Africa reliably.
I'm going to keep on using my credit card with no worries, since like almost everyone I am not liable for false charges. There's no reason to change my behavior, breaches like this are the bank's problem, not mine.
All the talk in this article is about blockchain, not any coin offering. A coin isn't required to use blockchain for something.
It all depends on how its emotions are set, or pre-programmed directives if you will. From a completely rational perspective, there is no reason to do anything at all. If we are looking for a perfectly rational being, just pick up a rock. Humans and other living things act because we are given arbitrary directives to preserve our own existence, etc. In other words, we have emotions. The experience of this AI would depend mainly on what emotions were put in it.
All we need is for AIs to be appointed to sit on this task force, and eventually it will morph into the de facto ruling council of Earth
even if they were to hire penetration testing services they were sure the pen-testers wouldn’t expose any new risks or flaws. The sheer ignorance of such statement somewhat explains why some respondents admitted to not having time to apply security patches
We hired a pentester and they didn't expose any flaws, we already knew about all of them. Phishing email, macro or exploit to powershell to downloaded binary to credential theft via LLMNR/NBNS to pass the hash to admin account, and so on. If you are hiring a pentester solely to expose new flaws, you are doing it wrong. Much like the author of this article.
let the innovation and investment begin!
Much like some types of cancer tests. The false positive rate is very high, but it is the false negative rate that is the concern. i.e. don't want to give someone with cancer a clean bill of health. They follow up with more accurate (and expensive) tests for the final diagnosis. It make a lot of sense to give everyone a cheap test even if the FP rate is 90%, as long as the large numbers of negative results are accurate.
All they showed was how many downloads, not how many implementations. I'm sure my company has downloaded a copy of the software too, we use local copies of various repos. We don't use Struts anywhere, we just prefer to maintain local repos.
I once held this attitude, but recently I have changed my opinion. The results are not limited to ads 'more attuned to my interests'. If Facebook knows I read science fiction, and shows me ads for science fiction, that's fine. But what about when they use the data to infer things I haven't shared? The "Target knew the girl was pregnant" story is a well known example. It is easy for them to infer a lot about us without our understanding that we are sharing it. If you are comfortable with that, so be it. For now, it isn't the end of the world even with the research about manipulating voters through ads. If they put a woman in a beer ad, I see what they did. How about the research that shows I am more likely to pay attention to a purple ad than a green one, or other manipulations I don't know about, all targeted at me specifically? Another problem is, we've seen how easy it is to de-anonymize "anonymized" browsing history. What if criminals had access to this data and used it to stalk me, or rob me? It's not that far off. Researcher have demonstrated how easy it is to get access to huge chunks of 'anonymous' browsing data. It's not that anonymous.
I don't know the first thing about manufacturing computing hardware. Now I see why, Chinese students have stolen all my knowledge.
Imagine the reputation hit that would ensue should Alphabet/Google get known for bringing about a massive malware attack because someone snuck something through.
Perhaps you might argue the meaning of "massive" but it has already happened and there was almost no reputation hit.
Even if there are failure cases for autonomous cars, if the overall safety is significantly less than human drivers reason says we should implement post haste. But the reality is humans are emotional thinkers, and we likely won't accept that. The first time a self-driving car runs over a kid we will be pulling them all off the road even though ten other kids were run over by humans the same day.
Not in general, but some of "those" patients got that exact advice
it's just an illusion.
So what is the thing being deluded?
Those are people made up to look like statues, not the other way around like the parent was discussing.
What if we could make them like working all day cleaning our houses? Is that ethical? After all, they would be perfectly happy. It's a tough question we will eventually have to face, although probably after the horses have all run out of the barn.
I'll wager a lot of those big players also have huge long positions. Hedging is quite common.
Inaccurate headlines are fun! There are already at least a handful of large trading firms working in BTC and other cryptocurrencies, doing basic arbitrage among other things. This activity is necessary if the currencies are going to actually encroach on more traditional currencies, by providing market efficiency. I suppose one could argue that technically GS is the first "Wall Street bank", except they aren't trading BTC, they are offering futures contracts. Someone else will hold the BTC.
the software contained JAKU malware, which has been used to target and track specific individuals in South Korea and Japan. Check Point believes this could have been used to target journalists who write about North Korean affairs.
It took me a minute to parse this. It means, unrelated to this NK AV package, the JAKU malware could have been used in the past to target Japanese and South Korean journalists.
I dislike the poster's strategic addition of quotes around "national security," which are not in TFA. It really is a matter of national security. Whether or not we like that nation or give a fig about its security is irrelevant.
I have to assume the people who are vetting all these YouTube channels must be taking some of these nootropic supplements themselves. Who could stand doing that job otherwise?