The issue is here, that they just want to have access to peoples communications without a warrant, which is a violation of privacy no better than any other garden variety black hat access.
If they cannot get access to people's communications without a warrant, then what would be the point?
The CPU has to run the encryption because it has a permanent part of the key but the CPU does not have any non-volatile memory to store state so there is nothing to erase there.
Year in and year out, one bad grandstanding piece of legislation after another; so what does that tell you about the voters?
It tells me that she is a senator from California and that Silicon Valley tacitly supports her. Having this law enforced on them will not be as bad as seemingly volunteering for it.
I agree it would be crippling to the US in many way but I do not agree that it would be impossible to do.
Pass a law requiring all use of encryption to be approved and/or licensed; encryption designs which do not provide for plaintext recovery simply do not get approved. Monitoring data at various locations is easy enough; it does not count as a search (according to the DOJ) if it is done in an automated way. When someone uses unapproved and/or unlicensed encryption, then you have an endpoint to track.
Any loss of efficiency with an air core is not do to loss within the air itself; the problem is that the lower coupling means higher circulating currents in the coils for a given power and the lower inductance means higher frequency operation. You can get better efficiency using a traditional transformer at a lower cost and if the existing efficiency is lower, it is just because of economics.
My understanding is that WhatsApp will display the remote public key or its hash so that it can be verified over another communications channel revealing if a man-in-the-middle attack has occurred.
Well, if I end to end encrypt all communications and stored data in such a way that the storing company does not hold the key, only I do, then I DO now have a reasonable expectation of privacy and the entire third party doctrine collapses legally.
No, encryption does not create an expectation of privacy:
Does encrypting Internet communications create a reasonable expectation of privacy in their contents, triggering Fourth Amendment protection? At first blush, it seems that the answer must be yes: A reasonable person would surely expect that encrypted communications will remain private. In this paper, Professor Kerr explains why this intuitive answer is entirely wrong: Encrypting communications cannot create a reasonable expectation of privacy. The reason is that the Fourth Amendment regulates access, not understanding: no matter how unlikely it is that the government will successfully decrypt ciphertext, the Fourth Amendment offers no protection if it succeeds. As a result, the government does not need a search warrant to decrypt encrypted communications. This surprising result is consistent with Fourth Amendment caselaw: it matches how courts have resolved cases involving the reassembly of shredded documents, recovery of deleted files, and the translation of foreign languages. The Fourth Amendment may regulate government access to ciphertext, but it does not regulate government efforts to translate ciphertext into plaintext.
Or you buy an F150. Or in a couple years, an Aluminum Colorado or whatever they call it. The auto industry is finally getting around to moving to Aluminum. The NSX proved it was possible. The A8 proved it was feasible. The F150 proves that it's reasonable. Aluminum is more recyclable than steel using modern techniques (e.g. laser spectroscopy for sorting) so you can expect a snowball effect.
Did you read the other part of my post? Since the MPG requirements are indexed based on size and weight, using a less dense material means using more of it or adding other mass to keep the same weight. There may be good reasons to use aluminum in a pickup truck (I am dubious of this) but mileage is not one of them.
I have not used it but apparently the client has facilities to verify the key through an auxiliary communications channel manually (voice, text, whatever) so it would just take getting caught once to show that the WhatsApp server was compromised. I believe PGP phone had the same capability.
The NSA in cooperation with NIST undermined various internet security protocols like IPSEC to either weaken them or prevent them from being deployed. Neither agency can ever be trusted as far as security related issues again. I now believe they were never trustworthy to start with.
I've seen nothing that would indicate either way that this could be the truth. It's pure speculation. Others have speculated that to reach that 15 billion number they have to be counting the memory transistors as well. Though this is big at 600mm2 it isn't that much bigger than previous die's that held a fraction of that number of transitions.
It has about 50% more transistors than the Oracle Spark M7 at 10.2 billion so the increase is reasonable.
Small pickups no longer exist in the USA (the smallest one now is almost as big as an F100 was) and fancy pants interior has been creeping into pickups lately, and now they look like cars inside.
They no longer exist because they were legislated out of existence; they were effectively made illegal.
The mileage requirements required by law are indexed based on vehicle weight and size. The only way for the manufacturers to legally continue to sell pickups was to make them heavier and larger. If you wanted a high MPG light pickup, well, your Democratic and Republican legislators fucked you.
My neighbor and I had the exact same GMC Sonoma pickup from roughly 2002 and he replaced his after it was discontinued. The new replacement was practically identical except it weighed more.
They have already been doing that. Search the driver for officer safety, find the phone, and then search the phone just like you would a pack of cigarettes.
Before we have anything like that I think we'll see something more like an automated pharmacy that takes blood samples, analyses them and manufactures/dispenses exactly what the patient needs... even medication for paranoid schizophrenics.
That was the most common use for NIven's autodocs besides giving a manicure. The portable docs carried by the first Ringworld expedition were not any more capable and had limited consumables. They could diagnose various conditions through blood tests, administer medications from their limited selection, and notify with a check engine, um, check human lamp that further service is required.
I particularly remember a case where one of the Wus is exposed to vacuum and the autodoc aboard ship replaces both lungs without any human intervention; one would have to assume that people are flying around with all manner of organs stored aboard just in case.
Carlos Wu promptly suffered from organ rejection with the "universal donor" set of spare lungs that the simplified ship's autodoc carried so they had to rush him to where a hospital grade autodoc existed. This experience motivated Carlos to design a better autodoc which was featured in stories later in the Known Space timeline and retrospectively earlier in Niven's timeline.
This is hardly a new problem. Some cars and naturally lots of old GMCs have an electronic parking brake so if the battery goes dead and the hood is obstructed, you cannot push the car back to gain access.
Current GMCs which have security hardware whether you have that option or not cannot be pushed started.
Did anyone believe that the security of an iPhone (or Android Phone) would stand up to the resources available to a nation state - particularly one known to collect zero day exploits they keep to themselves?
I would if a secure password had actually been used.
Slashdot Mirror
What part of fine control did they lack? Processing? Sensors? Engines?
If they cannot get access to people's communications without a warrant, then what would be the point?
That is how it works without encryption.
Seems like it would be easy to fix; update the counter before checking the PIN.
The CPU has to run the encryption because it has a permanent part of the key but the CPU does not have any non-volatile memory to store state so there is nothing to erase there.
It tells me that she is a senator from California and that Silicon Valley tacitly supports her. Having this law enforced on them will not be as bad as seemingly volunteering for it.
I agree it would be crippling to the US in many way but I do not agree that it would be impossible to do.
Pass a law requiring all use of encryption to be approved and/or licensed; encryption designs which do not provide for plaintext recovery simply do not get approved. Monitoring data at various locations is easy enough; it does not count as a search (according to the DOJ) if it is done in an automated way. When someone uses unapproved and/or unlicensed encryption, then you have an endpoint to track.
Like the war on drugs? The war on poverty?
It is absolutely winnable except in the sense of producing a Pyrrhic victory.
And when they do that, their CEOs can join the Quest CEO in prison.
https://en.wikipedia.org/wiki/...
Any loss of efficiency with an air core is not do to loss within the air itself; the problem is that the lower coupling means higher circulating currents in the coils for a given power and the lower inductance means higher frequency operation. You can get better efficiency using a traditional transformer at a lower cost and if the existing efficiency is lower, it is just because of economics.
My understanding is that WhatsApp will display the remote public key or its hash so that it can be verified over another communications channel revealing if a man-in-the-middle attack has occurred.
No, encryption does not create an expectation of privacy:
http://papers.ssrn.com/sol3/pa...
Does encrypting Internet communications create a reasonable expectation of privacy in their contents, triggering Fourth Amendment protection? At first blush, it seems that the answer must be yes: A reasonable person would surely expect that encrypted communications will remain private. In this paper, Professor Kerr explains why this intuitive answer is entirely wrong: Encrypting communications cannot create a reasonable expectation of privacy. The reason is that the Fourth Amendment regulates access, not understanding: no matter how unlikely it is that the government will successfully decrypt ciphertext, the Fourth Amendment offers no protection if it succeeds. As a result, the government does not need a search warrant to decrypt encrypted communications. This surprising result is consistent with Fourth Amendment caselaw: it matches how courts have resolved cases involving the reassembly of shredded documents, recovery of deleted files, and the translation of foreign languages. The Fourth Amendment may regulate government access to ciphertext, but it does not regulate government efforts to translate ciphertext into plaintext.
There is no requirement for states to enforce federal law if they do not want to and the feds cannot force them to do so short of withholding funds.
Did you read the other part of my post? Since the MPG requirements are indexed based on size and weight, using a less dense material means using more of it or adding other mass to keep the same weight. There may be good reasons to use aluminum in a pickup truck (I am dubious of this) but mileage is not one of them.
I have not used it but apparently the client has facilities to verify the key through an auxiliary communications channel manually (voice, text, whatever) so it would just take getting caught once to show that the WhatsApp server was compromised. I believe PGP phone had the same capability.
I would.
The NSA in cooperation with NIST undermined various internet security protocols like IPSEC to either weaken them or prevent them from being deployed. Neither agency can ever be trusted as far as security related issues again. I now believe they were never trustworthy to start with.
It has about 50% more transistors than the Oracle Spark M7 at 10.2 billion so the increase is reasonable.
I read that as, "Intel buys Yoyodyne".
They no longer exist because they were legislated out of existence; they were effectively made illegal.
The mileage requirements required by law are indexed based on vehicle weight and size. The only way for the manufacturers to legally continue to sell pickups was to make them heavier and larger. If you wanted a high MPG light pickup, well, your Democratic and Republican legislators fucked you.
My neighbor and I had the exact same GMC Sonoma pickup from roughly 2002 and he replaced his after it was discontinued. The new replacement was practically identical except it weighed more.
They have already been doing that. Search the driver for officer safety, find the phone, and then search the phone just like you would a pack of cigarettes.
That was the most common use for NIven's autodocs besides giving a manicure. The portable docs carried by the first Ringworld expedition were not any more capable and had limited consumables. They could diagnose various conditions through blood tests, administer medications from their limited selection, and notify with a check engine, um, check human lamp that further service is required.
Carlos Wu promptly suffered from organ rejection with the "universal donor" set of spare lungs that the simplified ship's autodoc carried so they had to rush him to where a hospital grade autodoc existed. This experience motivated Carlos to design a better autodoc which was featured in stories later in the Known Space timeline and retrospectively earlier in Niven's timeline.
Law enforcement already uses that excuse whether a cell phone is involved or not.
WiFi is available on the 900 MHz ISM band as well. Ubiquiti makes radios intended for WiFi point to point links including 900 MHz ones.
This is hardly a new problem. Some cars and naturally lots of old GMCs have an electronic parking brake so if the battery goes dead and the hood is obstructed, you cannot push the car back to gain access.
Current GMCs which have security hardware whether you have that option or not cannot be pushed started.
I would if a secure password had actually been used.
Why not only allow remote update only on phones which have been unlocked already?