it's people in general. Anyone remotely famous gets plenty of "internet abuse". It's a side effect of being known. Politicians? check. CEOs? check. Bankers? check. Celebrities? check. Religious leaders? check. Reporters? check. Whistleblowers? check.
That would be because any (competent) backdoor will be encrypted and cryptographically signed with key(s) known only to the TLA. Consider a router -- it passes all packets normally unless it finds one that is properly signed, then it extracts and executes the payload, fully opening up the device to the whims of the TLA. In lieu of someone leaking or determining the key, it would be extremely hard to identify such a backdoor.
> and it may kill some business models that could have brought phones to the poor with no monthly charges
If a potential business model relies on creating a captive market via legislated freedom removal, it's a bad business model, full stop. Cell phone subsidization plans are already protected by contract law. The additional criminalization of unlocking is unnecessary.
Really? The summary describes a software flaw with grave security implications, and you weigh in with some whining about the use of 'actor' and a mediocre quality sentence?
Education time: Some words have multiple meanings. Actor is one of them.
actor
noun: actor; plural noun: actors
1. a person whose profession is acting on the stage, in movies, or on television.
2. a participant in an action or process.
I see it as good news that security software is getting more attention. There was a lot of bug backlog that's finally getting fixed. Each bug a bug is fixed we slowly and steadily eliminate attack vectors. Heartbleed is undoubtedly one of the drivers of this renewed attention, as are the revelations that nation states are actively working to exploit weaknesses. Patching bugs is one of the ways ordinary people can work against mass surveillance.
> Despite the fact that, as in Heartbleed, hyped to the max, very few actual bad things seem to happen.
Not all exploits get noticed. If your old laptop was keylogged, and a year after you got a new laptop you discovered that you were a victim of some sort of identity theft--- would you ever trace it back to the keylogger? If your $device was part of a botnet used for some sort of click fraud, would you notice?
So, you would have preferred a positive sounding statement indicating that they are aware that some users have privacy concerns and a vague reference to ongoing efforts to address these concerns?
I didn't find that response "worst of all time". It came across as lacking in the bullshit department, almost refreshingly so, actually.
> Employees not wearing protective gear worked with bacteria that were supposed to have been killed but may not have been.
So the employees didn't use protective gear during their work, and that got them slated for a killing? I can understand trying to contain an outbreak, but one would think they should have been quarantined and tested for infection before commencement with the killing. Who's in charge of this mickey mouse operation anyway?
make the same request when I accidentally reply-all to save myself 'reputational damage'? Or does this only work for large companies with lots of money?
Slashdot Mirror
> So, how to accomodate non-smartphone users? Different floors with bluetooth vs card key? Just don't go to that hotel?
They could have a box of 'loaner phones' that they hand out...
Hotel door app requires access to contacts, shared files, camera, microphone, GPS, SMS, internet, dropbox, google drive, online banking, ....
It's VPNs all the way down!
It seems like they are viewing tor as a "free vpn" so people can use facebook without their employer/school/etc knowing what they are doing.
Proprietary? You're ill informed. The code that writes those files is part of systemd. Anyone with a computer can grab a copy and rewrite them.
it's people in general. Anyone remotely famous gets plenty of "internet abuse". It's a side effect of being known. Politicians? check. CEOs? check. Bankers? check. Celebrities? check. Religious leaders? check. Reporters? check. Whistleblowers? check.
I can think of a $12 experiment that would answer that question
That would be because any (competent) backdoor will be encrypted and cryptographically signed with key(s) known only to the TLA. Consider a router -- it passes all packets normally unless it finds one that is properly signed, then it extracts and executes the payload, fully opening up the device to the whims of the TLA. In lieu of someone leaking or determining the key, it would be extremely hard to identify such a backdoor.
... and change all of your passwords today. This is the best way to devalue the 'massive database'. Then sanitize your SQL queries!
Thanks for your insightful contribution that doesn't suck.
> and it may kill some business models that could have brought phones to the poor with no monthly charges
If a potential business model relies on creating a captive market via legislated freedom removal, it's a bad business model, full stop. Cell phone subsidization plans are already protected by contract law. The additional criminalization of unlocking is unnecessary.
Really? The summary describes a software flaw with grave security implications, and you weigh in with some whining about the use of 'actor' and a mediocre quality sentence?
Education time: Some words have multiple meanings. Actor is one of them.
actor
noun: actor; plural noun: actors
1. a person whose profession is acting on the stage, in movies, or on television.
2. a participant in an action or process.
It's bog standard to use the second sense in this context. See http://en.wikipedia.org/wiki/A...
I see it as good news that security software is getting more attention. There was a lot of bug backlog that's finally getting fixed. Each bug a bug is fixed we slowly and steadily eliminate attack vectors. Heartbleed is undoubtedly one of the drivers of this renewed attention, as are the revelations that nation states are actively working to exploit weaknesses. Patching bugs is one of the ways ordinary people can work against mass surveillance.
> Despite the fact that, as in Heartbleed, hyped to the max, very few actual bad things seem to happen.
Not all exploits get noticed. If your old laptop was keylogged, and a year after you got a new laptop you discovered that you were a victim of some sort of identity theft--- would you ever trace it back to the keylogger? If your $device was part of a botnet used for some sort of click fraud, would you notice?
So, you would have preferred a positive sounding statement indicating that they are aware that some users have privacy concerns and a vague reference to ongoing efforts to address these concerns?
I didn't find that response "worst of all time". It came across as lacking in the bullshit department, almost refreshingly so, actually.
... treat it as a regular unencrypted drive and apply proper encryption on top. Next.
Seems like a problem with a simple solution: Cisco needs to publish their build procedure.
Block the element with ad-block.
> The OpenBSD project late last night rushed out a patch ...
Sensationalist introductory sentence. LibreSSL is is not used in any production environment, there is no "rush" here.
It is an early version released to solicit feedback. Feedback was provided, resulting in a bug fix. This is *exactly* anticipated outcome.
But when the capital cost of the machine is zero, the higher power cost is not to bad.
TPTB can freeze credit cards, bank accounts, etc on a whim, but can't freeze a wallet full of $20s.
> Employees not wearing protective gear worked with bacteria that were supposed to have been killed but may not have been.
So the employees didn't use protective gear during their work, and that got them slated for a killing? I can understand trying to contain an outbreak, but one would think they should have been quarantined and tested for infection before commencement with the killing. Who's in charge of this mickey mouse operation anyway?
It's the "they have lots of money" effect that ensures their requests are read and acted upon, rather than automatically filtered out and discarded.
make the same request when I accidentally reply-all to save myself 'reputational damage'? Or does this only work for large companies with lots of money?
"Government declines to voluntarily give up its power, news at 11!"
What exactly was the expected outcome again?
Now we get all the benefits of Blackberry's excellent hardware AND all the apps of Android. They should have had this a year ago!