the email system never verified the URL nor where the email was from
so your email system is so poor you have to rely on the end user not to click on a link ?
simply block / rewrite URL's that have not been verified
only accept mail from domains that have been verified and claim the email is from them (for example that have DNSSEC and DANE setup correctly as gov address's have this and can therefore prove that they sent the email)
they match with amazon quite nicely, it will be instraesting to see if they can combine with the company they bought before (who actually did smart chips) called blink
now there is no way that blink/ring/flavour of the month actually add any value beyond easy install
IF they produced a version that worked OFFLINE (sent the video to a internal server rather than NOT JUST AWS ) THEN they might actually have something but in truth doing that is actually hard...
pushing things to the "cloud" and letting AWS churn through it is not hard, dont get me wrong thats a good thing to have but its not actually what most people want they want something that works offline and add's features via the services online... some people are happy with that and are early adopters but the devil is in the details and their sales will bottom out in 24 months or so, it would be interesting if they are locking them in performance wise beyond 2/3 years in stock grants
have fun with the lawyers your going to get eaten by the far eastern vendors unless you work out offline...
the OS is a fork of FireFox called KaiOS they claim 30 million already in the field... and IPv6 native
ironically steve jobs wanted phones to use the web as "apps" personally I think it's a good thing it only has a browser and phone capability, less to screw up !
most of the information within a wikipedia page is spread around on little visited websites in terrible formatting it actually takes someone who understands or wants to understand "the subject" to actually do a half decent job
the fact it simply takes the summary of the summarizers basically makes it pointless... go back to you lisp machines "researchers"
its a swedish company and pay swedish tax's - a good thing
their thermometer is incredibly basic for what they claim to be doing and I'm going to guess the calibration is non existent or outsourced to china. They do not seem to provide any information on the thermometer supplier I would have thought it was at least like the nokia and bluetooth...
"CAs are also out of the picture if you want them to be, using DANE you can use either self-signed certificates for your server or create your own local issuing authority for your certificates. End of problem with not trusting CAs, you only have to trust yourself."
trusting the CA's should be a user/admin choice not a manufacturer of the OS/Device basically a one size fits all approach to a Certificate Authorities is rather silly
yes they specifically inject adverts and show that your stream is not secure at all from MITM, the only way is to get rid of the Certificate Authorities who compromise everything...
agreed the mac needs a come back and Tim Cook does not seem to push Intel for new hardware... yeah great LTE... what a waste of engineering at intel when a japanese form could have done the work
intel need to focus their efforts on desktop Mac's and make that something to be proud of again !
this looks like an old SDR hack... next we will see a garage opener...
Wimmenhove could have signed up to the partnership agreement and got paid but seems to have figured that publicity would be worth more, hey they could have told him to take a running jump like so many other vendors...
honestly why doesn't automotive just use standards and we could all move on with our lives, or are they invested in making money out of keys ?
It always amazes me that governments dont invest in this level, for example the french military will avoid certain american tech but seem happy to pay an unauditable Intel corporation
at least the European Space Agency made their own Sparc processor but I've seen little other investments made with public money that might actually benefit the public and be verifiable by outsiders...
1/ pairing bluetooth - this is the manufacturer not following guidelines
2/ Audio "quality" - simply you need either aptX or AAC in your headphones AND phone/device otherwise it degrades to a low bitrate codec
people simply dont understand that the codec matters and complain their MP3 does not sound as good... and it wont on standard bluetooth because the codec between the headset and device is built for low bandwidth
look on the spec for a AAC for your bluetooth speaker if you want a decent connection
The claim that you can not manipulate the keys was made and clearly thats not the case... the team at Columbia University : Adrian Tang, Simha Sethumadhavan, and Salvatore Stolfo deserve credit for showing that was not always the case...
GlobalFoundries, Intel, Samsung, SK Hynix, TSMC and UMC all are building new fabs or expanding their existing plants in China however they estimate 50% could fail to be built
TSMC and in fact anyone with taiwan heritage should be worried very very worried how they are going to be competitive as a nation going forward...
as soon as a design enters that region I am doubtful the PLA will not be kept out...
the scale linked in the article is very small 19PB is basically 19 racks its not huge the real crux is the DSP / GPU / FPGA designs from be "utilised"
The operators now own all the tracking... this is not about privacy its about control
Network/Carriers simply inject cookies for advertising if they own media assets (https://www.accessnow.org/verizon-fined-1-35-million-use-supercookies/)
The real problem is that Mobile network Operators can decrypt the streams via the MITM after all they own the Certificate authorities and can sign on the fly (its so bad that even advertisers had to ban some from their browsers)
EV certificates are not the answer IMHO : https://0.me.uk/ev-phishing/
we could move to a situation where we explicitly publish our certificates in DNS such as DANE then ALSO use Certificate Authorities we as users opt into
heck you could even publish the certificates on a blockchain or a P2P system to supplement DANE anything has got to be better than the current situation
Slashdot Mirror
its not that hard
but you have to have at least two connections to compare the traffic
a study that was funded by a USA national science award does exactly this :
simply download a app and run it
http://bit.ly/2IAdbmD
you can thank me on twitter if you like http://twitter.com/johnjonesname
the email system never verified the URL nor where the email was from
so your email system is so poor you have to rely on the end user not to click on a link ?
simply block / rewrite URL's that have not been verified
only accept mail from domains that have been verified and claim the email is from them
(for example that have DNSSEC and DANE setup correctly as gov address's have this and can therefore prove that they sent the email)
simple basics that are not the end users fault
Instead of taking over companies and rinsing them of all their assets...
lets see broadcom actually produce some new products from LSI and Brocade maybe ?
they are headquartered in singapore to pay as little tax as possible...
they match with amazon quite nicely, it will be instraesting to see if they can combine with the company they bought before (who actually did smart chips) called blink
now there is no way that blink/ring/flavour of the month actually add any value beyond easy install
IF they produced a version that worked OFFLINE (sent the video to a internal server rather than NOT JUST AWS ) THEN they might actually have something but in truth doing that is actually hard...
pushing things to the "cloud" and letting AWS churn through it is not hard, dont get me wrong thats a good thing to have but its not actually what most people want they want something that works offline and add's features via the services online... some people are happy with that and are early adopters but the devil is in the details and their sales will bottom out in 24 months or so, it would be interesting if they are locking them in performance wise beyond 2/3 years in stock grants
have fun with the lawyers your going to get eaten by the far eastern vendors unless you work out offline...
John
the OS is a fork of FireFox called KaiOS they claim 30 million already in the field... and IPv6 native
ironically steve jobs wanted phones to use the web as "apps" personally I think it's a good thing it only has a browser and phone capability, less to screw up !
I wish them luck, I hope it sells a shed ton
most of the information within a wikipedia page is spread around on little visited websites in terrible formatting it actually takes someone who understands or wants to understand "the subject" to actually do a half decent job
the fact it simply takes the summary of the summarizers basically makes it pointless... go back to you lisp machines "researchers"
honestly its all about the advertisers... Is anyone who advertises on twitter objecting to this ?
(so twitter will publish a website and mobile app's)
This would be interesting if they link to data showing desktop vs mobile vs Web usage.
regards
John Jones
its a swedish company and pay swedish tax's - a good thing
their thermometer is incredibly basic for what they claim to be doing and I'm going to guess the calibration is non existent or outsourced to china.
They do not seem to provide any information on the thermometer supplier I would have thought it was at least like the nokia and bluetooth...
regards
John Jones
p.s. poor harry
"CAs are also out of the picture if you want them to be, using DANE you can use either self-signed certificates for your server or create your own local issuing authority for your certificates. End of problem with not trusting CAs, you only have to trust yourself."
trusting the CA's should be a user/admin choice not a manufacturer of the OS/Device
basically a one size fits all approach to a Certificate Authorities is rather silly
yes certificate authorities are the high risk and consolidate control neither of which you would want in a "secure" system
yes they specifically inject adverts and show that your stream is not secure at all from MITM, the only way is to get rid of the Certificate Authorities who compromise everything...
agreed the mac needs a come back and Tim Cook does not seem to push Intel for new hardware... yeah great LTE... what a waste of engineering at intel when a japanese form could have done the work
intel need to focus their efforts on desktop Mac's and make that something to be proud of again !
https://john.jones.name
this just goes to show who is paying attention :
https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
this looks like an old SDR hack... next we will see a garage opener...
Wimmenhove could have signed up to the partnership agreement and got paid but seems to have figured that publicity would be worth more, hey they could have told him to take a running jump like so many other vendors...
honestly why doesn't automotive just use standards and we could all move on with our lives, or are they invested in making money out of keys ?
they bought that company
did a real audit and found that its not doing as well as they thought...
Quite an achievement !
It always amazes me that governments dont invest in this level, for example the french military will avoid certain american tech but seem happy to pay an unauditable Intel corporation
at least the European Space Agency made their own Sparc processor but I've seen little other investments made with public money that might actually benefit the public and be verifiable by outsiders...
you can follow this to find out what your phone supports :
https://android.stackexchange.com/questions/26410/how-do-i-determine-which-a2dp-codecs-my-phone-supports-is-currently-using
this list is common now :
#define A2DP_CODEC_SBC 0x00
#define A2DP_CODEC_MPEG12 0x01
#define A2DP_CODEC_MPEG24 0x02
thats SBC, MP3 and AAC
regards
John Jones
some people dont understand and complain about
1/ pairing bluetooth - this is the manufacturer not following guidelines
2/ Audio "quality" - simply you need either aptX or AAC in your headphones AND phone/device otherwise it degrades to a low bitrate codec
people simply dont understand that the codec matters and complain their MP3 does not sound as good... and it wont on standard bluetooth because the codec between the headset and device is built for low bandwidth
look on the spec for a AAC for your bluetooth speaker if you want a decent connection
I really don't trust these sites to do a good job... but only allowing google and twitter oauth providers is pathetic
It would be interesting to understand the amount of bandwidth required to service a front page post in 24 hours historically and compared to today
now we find netflix is serving 100 Gbps from an Open Connect Appliance...
regards
John Jones
https://john.jones.name
The claim that you can not manipulate the keys was made and clearly thats not the case... the team at Columbia University : Adrian Tang, Simha Sethumadhavan, and Salvatore Stolfo deserve credit for showing that was not always the case...
I wonder how many side attacks the PLA have...
john.jones.name
correct he's insane and has written for the clickbait without any knowledge of the systems or potential
they dont have plants yet...
GlobalFoundries, Intel, Samsung, SK Hynix, TSMC and UMC all are building new fabs or expanding their existing plants in China however they estimate 50% could fail to be built
TSMC and in fact anyone with taiwan heritage should be worried very very worried how they are going to be competitive as a nation going forward...
as soon as a design enters that region I am doubtful the PLA will not be kept out...
the scale linked in the article is very small 19PB is basically 19 racks its not huge the real crux is the DSP / GPU / FPGA designs from be "utilised"
good luck
The operators now own all the tracking... this is not about privacy its about control
Network/Carriers simply inject cookies for advertising if they own media assets
(https://www.accessnow.org/verizon-fined-1-35-million-use-supercookies/)
The real problem is that Mobile network Operators can decrypt the streams via the MITM after all they own the Certificate authorities and can sign on the fly (its so bad that even advertisers had to ban some from their browsers)
EV certificates are not the answer IMHO :
https://0.me.uk/ev-phishing/
we could move to a situation where we explicitly publish our certificates in DNS such as DANE then ALSO use Certificate Authorities we as users opt into
heck you could even publish the certificates on a blockchain or a P2P system to supplement DANE anything has got to be better than the current situation
https://mitm.watch/
regards
John Jones
no one has mentioned that royalsocietypublishing.org interface is actually readable !