I do, but most of my friends don't. Pretty much everyone has whatsapp these days though.
WhatsApp is not a privacy app. It's a messaging app which also happens to have a hard core crypto implementation under the hood. That's a huge win for normal people who think they don't have anything to hide and don't know or care about encryption. They still have all their messages end-to-end encrypted and they don't have to do anything about it.
Whoa. Way to completely miss the point. Facebook messenger and WhatsApp are completely different apps. WhatsApp is using the Signal protocol which is pretty much the best there is at the moment. All the messages and calls are end-to-end encrypted with the kind of crypto nerds used to only dream about. Mass surveillance is not possible (even for Facebook) with WhatsApp, because the attacker would need to do a MitM attack on all the discussions, which is easily detectable. Another option is to install malware on the phones and read the messages there, but that would be a targeted attack anyway.
There haven't been any proven breaches of the Signal protocol and I dare you to prove me wrong. "Facebook is evil so WhatsApp must be broken" just doesn't fly.
As far as the security community is concerned, the biggest weakness in WhatsApp is that MitM notifications aren't on by default. Otherwise the app and the crypto is solid. It's easy to say that WhatsApp is compromized because of $reasons, but if you have actual proof of a breach, it will absolutely be headline news, so cough it up. You'll be a infosec rockstar (for at least a week).
Also - open source doesn't automatically mean that the application is safer than closed source. Implementing crypto is hard. You can mess it up in bunch of different ways. It doesn't help one bit that your source is available if nobody with decent qualifications has ever checked it.
The real problem is that a compromised Twitter app can post spam on your account (and all the accounts using the app) even if you have have strong passwords, 2FA and have basically done everything correctly with regards to security.
According to MS support page Edge doesn't support javascript. That's a bit of a downer;)
"While Windows 10 does support JavaScript, the Microsoft Edge web browser does not. You cannot activate or enable the Java plug-in on the Edge browser. However, Windows 10 also includes Internet Explorer 11. If you encounter JavaScript content in Edge"
Wireless is not as easy as it sounds. You need to send the sensor data to the computer and then send high resolution high frame rate video back to the HMD. That requires huge amounts of bandwidth, because compressing and decompressing the data would take time and consume resources on the wireless headset. If you end up having a power cord in the HMD, why not also put in a signal cable.
Any extra latency in the signal chain from motion to photons is also really bad. Currently you don't get that much boost from using two graphic cards, because the extra time needed to transmit data back and forth the primary and secondary card eats much of the benefit you get from having two graphic cards.
I agree that a fully integrated solution that doesn't suck is definitely at least a couple of generations away. It will be awesome though.
The free upgrade period for Windows 10 ends in July. What happens after that? Microsoft is pushing it so hard that it's really hard to see them putting a price tag to it.
You just need some old legacy system, which has gone through a few iterations of modifications. There can be a number of ways you end up handling data without knowing the type. It doesn't need to be SQL Injection, it can be CSV import through some generic plugin or what ever. Suddenly you're stuck with strings that look like numbers, text, json, xml or who knows what. At that point it's possible to decide, that if the string is "null" you convert it to actual null and be done with it. The data importer might even try to guess data types for you (I'm looking at you Excel).
Yeah, it's horrible and wrong and all that, but it still happens.
If you want something that stands out of the crowd, then you might want to take a look at the Jolla Tablet http://jolla.com/tablet/. It won the Best tablet award at this years Mobile World Congress. I've been using a Jolla smartphone and really like it. It doesn't spy on me, I can get root from the settings, it has a command line shell + SSH built in and it runs Linux.
Jolla's Sailfish OS is based on the Maemo/Meego line. They've built a really nice user interface on top of it and it's partly open source. The UI is based on swiping gestures, so it takes a few minutes to learn to use it, but after that it's really swift and nice. They also have an Android VM, so you can run Andoroid apps on it if you want. No Google Play store though, but I believe you can enable it yourself if you want. If you want apps outside the official store, you can add additional repositories to the phone.
Jolla also listens to its users. You can log in at http://together.jolla.com/ to leave bug reports, feature ideas and ask advice from the community and Jolla sailors. The OS gets regular updates which add features and squish bugs, so my phone is actually a lot better now than when I bought it. The specs are more modest than the current Android flagship models, but the OS is much lighter so doesn't need that much processing power to run well. The price tag is pretty nice too.
Have a look, try it out. They're just about to start shipping.
The thing that worries me it that there are now dozens of articles about which updates to remove to disable telemetry or the Windows 10 update nagbox. We've been saying that installing security updates is fundamental to keeping your computer secure. This goes against that. Do we really want to teach people to uninstall random updates based on shady blog articles?
Earlier I had all automatic update checkboxes checked, because I trusted that security updates are just that - security updates. From now on I'll be checking all the updates manually before installing, and I really hate to have to do that.
And before anybody recommends switch to Linux, I already use Linux as my main OS.
As an added bonus they can only break into the homes of people living in the same country. If NSA wanted to break into European people's houses, they'd need to organize it with the local law enforcement, which requires a pretty strong case to begin with.
So the only people who suffer from this are the ones living in the same country as the runaway agency. Luckily they are also the same people who can do something about it.
So are you suggesting slaying the dragon - starting a war? Fairytales aside, I think it's a pretty bad idea to treat the whole Russia as a single entity. I find it hard to believe that the regular people in Russia are evil and out to get us westeners. They are just like you and me, with the difference that there's very little free journalism left and Internet use is more limited, so the message they hear from Ukraine is very different. If you were a leader and wanted to wage a war, which would you prefer - an unhappy population that hears just what you want to hear, or a happy population with access to all the sides of the story.
Now I must add, that we need to be as cautious about our sources outside Russia. Understanding is a three-edged sword: your side, my side and the truth somewhere in the middle.
You say it like it's a good thing.. a big country isolated, hated and full of unhappy people. What could go wrong? I live right next door to them, and I'd much rather see them happy and enjoying life, because that way they'd probably be lot less likely to start new conflicts.
Unfortunately comparing to a track of a previous day doesn't tell us anything concrete. There are tons of valid reasons why the plane would be flying a different route. Planes optimize their routes according to weather - especially winds, and ATC just might have directed them differently this time.
It's a paraglider and not a parasail. Parasail is something you drag behind a boat or car to lift a passanger to air, but the passanger can't steer and the parasail can't function without the rope. Paraglider on the other hand is used to fly for long distances similar to hang gliders and sailplanes.
It sounds like it's just a game for them. You pit prosecution and defense against each other and both try to win the match. It's just that in this game the goal should be that justice is served, and not that your side wins. It also seems that the other side figured out a tactic that guarantees easy wins. I think that this outcome is kind of natural - we all want to be as good as possible in what we do. At the same time it's also horribly wrong.
Sorry this is a bit off topic, but I've been wondering what it would take for every site to think that it's the first website you've visited ever. Would it be enough if if the browser stored cookies and other permanent stuff based on what domain is in the address bar?
So if you first visit bing.com and get a cookie from ad-network.com and then visit google.com, the ad-network.com banner doesn't see your earlier cookie, because the domain in the address bar is different. I think it should make tracking people a lot harder, but maybe I'm missing something?
Slashdot Mirror
I do, but most of my friends don't. Pretty much everyone has whatsapp these days though.
WhatsApp is not a privacy app. It's a messaging app which also happens to have a hard core crypto implementation under the hood. That's a huge win for normal people who think they don't have anything to hide and don't know or care about encryption. They still have all their messages end-to-end encrypted and they don't have to do anything about it.
Whoa. Way to completely miss the point. Facebook messenger and WhatsApp are completely different apps. WhatsApp is using the Signal protocol which is pretty much the best there is at the moment. All the messages and calls are end-to-end encrypted with the kind of crypto nerds used to only dream about. Mass surveillance is not possible (even for Facebook) with WhatsApp, because the attacker would need to do a MitM attack on all the discussions, which is easily detectable. Another option is to install malware on the phones and read the messages there, but that would be a targeted attack anyway.
There haven't been any proven breaches of the Signal protocol and I dare you to prove me wrong. "Facebook is evil so WhatsApp must be broken" just doesn't fly.
As far as the security community is concerned, the biggest weakness in WhatsApp is that MitM notifications aren't on by default. Otherwise the app and the crypto is solid. It's easy to say that WhatsApp is compromized because of $reasons, but if you have actual proof of a breach, it will absolutely be headline news, so cough it up. You'll be a infosec rockstar (for at least a week).
Also - open source doesn't automatically mean that the application is safer than closed source. Implementing crypto is hard. You can mess it up in bunch of different ways. It doesn't help one bit that your source is available if nobody with decent qualifications has ever checked it.
The real problem is that a compromised Twitter app can post spam on your account (and all the accounts using the app) even if you have have strong passwords, 2FA and have basically done everything correctly with regards to security.
Why don't they just change the astronauts' fluids before the mission instead.
According to MS support page Edge doesn't support javascript. That's a bit of a downer ;)
"While Windows 10 does support JavaScript, the Microsoft Edge web browser does not. You cannot activate or enable the Java plug-in on the Edge browser. However, Windows 10 also includes Internet Explorer 11. If you encounter JavaScript content in Edge"
https://support.office.com/en-...
Wireless is not as easy as it sounds. You need to send the sensor data to the computer and then send high resolution high frame rate video back to the HMD. That requires huge amounts of bandwidth, because compressing and decompressing the data would take time and consume resources on the wireless headset. If you end up having a power cord in the HMD, why not also put in a signal cable.
Any extra latency in the signal chain from motion to photons is also really bad. Currently you don't get that much boost from using two graphic cards, because the extra time needed to transmit data back and forth the primary and secondary card eats much of the benefit you get from having two graphic cards.
I agree that a fully integrated solution that doesn't suck is definitely at least a couple of generations away. It will be awesome though.
The free upgrade period for Windows 10 ends in July. What happens after that? Microsoft is pushing it so hard that it's really hard to see them putting a price tag to it.
You just need some old legacy system, which has gone through a few iterations of modifications. There can be a number of ways you end up handling data without knowing the type. It doesn't need to be SQL Injection, it can be CSV import through some generic plugin or what ever. Suddenly you're stuck with strings that look like numbers, text, json, xml or who knows what. At that point it's possible to decide, that if the string is "null" you convert it to actual null and be done with it. The data importer might even try to guess data types for you (I'm looking at you Excel).
Yeah, it's horrible and wrong and all that, but it still happens.
Want to see if your local theater staff has night vision goggles? Take some IR leds to the theater and keep them on during the movie.
If you want something that stands out of the crowd, then you might want to take a look at the Jolla Tablet http://jolla.com/tablet/. It won the Best tablet award at this years Mobile World Congress. I've been using a Jolla smartphone and really like it. It doesn't spy on me, I can get root from the settings, it has a command line shell + SSH built in and it runs Linux.
Jolla's Sailfish OS is based on the Maemo/Meego line. They've built a really nice user interface on top of it and it's partly open source. The UI is based on swiping gestures, so it takes a few minutes to learn to use it, but after that it's really swift and nice. They also have an Android VM, so you can run Andoroid apps on it if you want. No Google Play store though, but I believe you can enable it yourself if you want. If you want apps outside the official store, you can add additional repositories to the phone.
Jolla also listens to its users. You can log in at http://together.jolla.com/ to leave bug reports, feature ideas and ask advice from the community and Jolla sailors. The OS gets regular updates which add features and squish bugs, so my phone is actually a lot better now than when I bought it. The specs are more modest than the current Android flagship models, but the OS is much lighter so doesn't need that much processing power to run well. The price tag is pretty nice too.
Have a look, try it out. They're just about to start shipping.
The thing that worries me it that there are now dozens of articles about which updates to remove to disable telemetry or the Windows 10 update nagbox. We've been saying that installing security updates is fundamental to keeping your computer secure. This goes against that. Do we really want to teach people to uninstall random updates based on shady blog articles?
Earlier I had all automatic update checkboxes checked, because I trusted that security updates are just that - security updates. From now on I'll be checking all the updates manually before installing, and I really hate to have to do that.
And before anybody recommends switch to Linux, I already use Linux as my main OS.
Just wait until advertisers start adding these to their radio and streaming ads. Also - I'm changing my phone's notification sound right now :D
As an added bonus they can only break into the homes of people living in the same country. If NSA wanted to break into European people's houses, they'd need to organize it with the local law enforcement, which requires a pretty strong case to begin with.
So the only people who suffer from this are the ones living in the same country as the runaway agency. Luckily they are also the same people who can do something about it.
So are you suggesting slaying the dragon - starting a war? Fairytales aside, I think it's a pretty bad idea to treat the whole Russia as a single entity. I find it hard to believe that the regular people in Russia are evil and out to get us westeners. They are just like you and me, with the difference that there's very little free journalism left and Internet use is more limited, so the message they hear from Ukraine is very different. If you were a leader and wanted to wage a war, which would you prefer - an unhappy population that hears just what you want to hear, or a happy population with access to all the sides of the story.
Now I must add, that we need to be as cautious about our sources outside Russia. Understanding is a three-edged sword: your side, my side and the truth somewhere in the middle.
You say it like it's a good thing.. a big country isolated, hated and full of unhappy people. What could go wrong? I live right next door to them, and I'd much rather see them happy and enjoying life, because that way they'd probably be lot less likely to start new conflicts.
Unfortunately comparing to a track of a previous day doesn't tell us anything concrete. There are tons of valid reasons why the plane would be flying a different route. Planes optimize their routes according to weather - especially winds, and ATC just might have directed them differently this time.
Here's an illustration of the ILS system. To recalibrate the ground level you just have to dig the antennas underground.
It's a paraglider and not a parasail. Parasail is something you drag behind a boat or car to lift a passanger to air, but the passanger can't steer and the parasail can't function without the rope. Paraglider on the other hand is used to fly for long distances similar to hang gliders and sailplanes.
Robots will follow orders. They will have no qualms about executing illegal orders.
Just like in programming, if robot has executed illegal instruction it must be Terminator.
You guys have a good think going!
And he's not from the Syrian Electronic Army but from the Electronic Army of Syria.
It seems that HTC One press release photo has been leaked. So the green 1 probably hints to that.
It sounds like it's just a game for them. You pit prosecution and defense against each other and both try to win the match. It's just that in this game the goal should be that justice is served, and not that your side wins. It also seems that the other side figured out a tactic that guarantees easy wins. I think that this outcome is kind of natural - we all want to be as good as possible in what we do. At the same time it's also horribly wrong.
Did anyone else read the title as KDE Software Complication 4.10 RC1?
Sorry this is a bit off topic, but I've been wondering what it would take for every site to think that it's the first website you've visited ever. Would it be enough if if the browser stored cookies and other permanent stuff based on what domain is in the address bar?
So if you first visit bing.com and get a cookie from ad-network.com and then visit google.com, the ad-network.com banner doesn't see your earlier cookie, because the domain in the address bar is different. I think it should make tracking people a lot harder, but maybe I'm missing something?