... the documentation on these features exist, and the Social API works for more things than just Facebook. There's literally a whitelist in the browser (about:config, key social.activation.whitelist) which only allows Facebook to use the Social API features. (And if you edit the whitelist yourself and try to use the feature on a different site, it just re-opens the Facebook sidebar because Facebook's siderbar seems to be hardcoded in other places too.)
I think other comments here are vastly underestimating the threat a strong AI could pose.
Say you've got an extremely intelligent AI with plenty of processing power hooked to the internet, which has a decent understanding of the internet and human culture. It could discover vulnerabilities in software, and build up a botnet to distribute its own existence. An AI could sell digital goods online (it could create customized software for many many customers, etc) and amass some not insignificant wealth. What would an AI do with loads of cash? It could even purchase servers legitimately to spread itself instead of (or in addition to) the botnet idea. It could donate money to causes it wants to further, or fund businesses (with strings attached). It could do this on a large scale. What if it had an interest in politics?
Climate change, rogue biotechnology, and AI probably aren't going to wipe out humanity within the next century, but that doesn't mean we need to sit around until then to wonder what the range of consequences could be.
The bug only affects the Xbox version, not PS3 or PC.
Are we sure it's not just that no one has bothered discovering a similar counterpart bug yet? (Though those platforms could have patched it out already.)
Er, no, the presenter stated that Huawei just imitated the hell out of Cisco's interface.
I do wonder why everyone is worried about Huawei adding in backdoors specifically, when that presentation already shows that their stuff is vulnerable as hell and practically backdoored unintentionally.
(by believe anything, I mean believe something. I don't mean a human that will believe anything you tell them specifically. Humans capable of believing theories of any sort very probably have a survival advantage over humans that aren't capable of believing anything about the world.)
I think it's more likely that there's a survival advantage for humans who believe anything (about the world; not just restricting to unfounded beliefs). We just don't have very great circuitry already evolved in to sort out the beliefs very well. Doesn't mean we can't make up for the difference in education and conscious reasoning.
What does it mean for one species to be 'more evolved'? Everything on earth has been evolving for the same amount of time. I guess you could say that we're more evolved than the dinosaurs.
Only if the browser has never seen the site before. If the browser has seen the site before and remembers it used HSTS last time, then it will expect HSTS+HTTPS to be used this time too and won't accept anything less.
Those only work while the user is on a non-man-in-the-middled connection. With HSTS, the user access the site once over a non-MITM connection, and then his browser remembers to always connect over HTTPS. Then later, the user attempts to access the site over a connection where a man-in-the-middle is running SSLstrip to try to force the user to connect unsecurely, but the user's browsers remembers to never accept unsecured connections to the site.
I've played the game "Shoot the cyberdemon until it dies!" plenty of times. I'm more than just a bit tired of those games honestly. A game that makes me care about its characters gets a lot of my attention.
Teachers that associate at all with students should be fired on the spot? In high school, a friend of mine's mom was one of my teachers, and most of my friends were friends with her family (including the teacher). Several other teachers of mine ran school clubs and were friendly with students, including on Facebook at the insistence of the students. Everyone was more than happy with this. The idea that this shouldn't be allowed and should have laws against it is fucking absurd.
Slashdot Mirror
When the browser asks you if you want to use one of these features, just click No. No one is forcing you to use a Facebook siderbar.
... the documentation on these features exist, and the Social API works for more things than just Facebook. There's literally a whitelist in the browser (about:config, key social.activation.whitelist) which only allows Facebook to use the Social API features. (And if you edit the whitelist yourself and try to use the feature on a different site, it just re-opens the Facebook sidebar because Facebook's siderbar seems to be hardcoded in other places too.)
I think other comments here are vastly underestimating the threat a strong AI could pose.
Say you've got an extremely intelligent AI with plenty of processing power hooked to the internet, which has a decent understanding of the internet and human culture. It could discover vulnerabilities in software, and build up a botnet to distribute its own existence. An AI could sell digital goods online (it could create customized software for many many customers, etc) and amass some not insignificant wealth. What would an AI do with loads of cash? It could even purchase servers legitimately to spread itself instead of (or in addition to) the botnet idea. It could donate money to causes it wants to further, or fund businesses (with strings attached). It could do this on a large scale. What if it had an interest in politics?
Climate change, rogue biotechnology, and AI probably aren't going to wipe out humanity within the next century, but that doesn't mean we need to sit around until then to wonder what the range of consequences could be.
... efff, the reply system ate a word because I surrounded it with greater than and less than symbols for emphasis. Let's try this again:
Is the money that *random commerce company* spends on its own infrastructure utterly worthless ...
Is the money that spends on its own infrastructure utterly worthless when similar services already exist?
If not, then why is bitcoin's mining process (which maintains the security of the blockchain) utterly worthless?
Instead the CONSUMER gets to choose
and Linus is a consumer, and his writing is being read by other consumers too.
As technology increases, it becomes more and more indistinguishable from magic.
The bug only affects the Xbox version, not PS3 or PC.
Are we sure it's not just that no one has bothered discovering a similar counterpart bug yet? (Though those platforms could have patched it out already.)
Because they can trip on a few more bugs than other people?
Er, no, the presenter stated that Huawei just imitated the hell out of Cisco's interface.
I do wonder why everyone is worried about Huawei adding in backdoors specifically, when that presentation already shows that their stuff is vulnerable as hell and practically backdoored unintentionally.
(by believe anything, I mean believe something. I don't mean a human that will believe anything you tell them specifically. Humans capable of believing theories of any sort very probably have a survival advantage over humans that aren't capable of believing anything about the world.)
I think it's more likely that there's a survival advantage for humans who believe anything (about the world; not just restricting to unfounded beliefs). We just don't have very great circuitry already evolved in to sort out the beliefs very well. Doesn't mean we can't make up for the difference in education and conscious reasoning.
What does it mean for one species to be 'more evolved'? Everything on earth has been evolving for the same amount of time. I guess you could say that we're more evolved than the dinosaurs.
or have you finally recognized both the irony of such a tactic,
If they say religion is good, and his tactic is to say (and explain why) religion is bad / unneeded, that's not ironic.
Given that it took us many years to come up with the scientific method, I'm pretty sure that would be a yes.
Only if the browser has never seen the site before. If the browser has seen the site before and remembers it used HSTS last time, then it will expect HSTS+HTTPS to be used this time too and won't accept anything less.
Those only work while the user is on a non-man-in-the-middled connection. With HSTS, the user access the site once over a non-MITM connection, and then his browser remembers to always connect over HTTPS. Then later, the user attempts to access the site over a connection where a man-in-the-middle is running SSLstrip to try to force the user to connect unsecurely, but the user's browsers remembers to never accept unsecured connections to the site.
You don't have to use APT just to sign a simple text file list of hashes.
They practically are backdoored: they're insecure as hell. http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdf
I've played the game "Shoot the cyberdemon until it dies!" plenty of times. I'm more than just a bit tired of those games honestly. A game that makes me care about its characters gets a lot of my attention.
IE's overhead could be per-tab.
Tor is open source; it wouldn't exactly be easy to hide a backdoor in it.
There are mature bitcoin exchanges like Mt Gox where other users can't scam you.
Teachers that associate at all with students should be fired on the spot? In high school, a friend of mine's mom was one of my teachers, and most of my friends were friends with her family (including the teacher). Several other teachers of mine ran school clubs and were friendly with students, including on Facebook at the insistence of the students. Everyone was more than happy with this. The idea that this shouldn't be allowed and should have laws against it is fucking absurd.