It didn't just become anything. As many have noted, catch all email isn't new. Gmail should be a little perturbed their platform is being used for fraud but it has since inception and will be for years to come. The problem is the defrauded institutions' to fix.
You appear to be disagreeing with the article summary: "and alert you if you enter a username / password combination that Google 'knows to be unsafe.'"
I looked and I also appear to be disagreeing with the source Google blog post. I guess they are matching UN/PW.
Troy Hunt has a really nice solution for this on his HaveIBeenPwned site. He has an API that allows you to submit a partial hash of your password (the first half of the SHA1 of your password) and then the API returns a list of complete hashes that have appeared in a breach. You can check it out his about page here.
The reasoning is that you are not providing your complete password hash, so both his site and an eavesdropper would not know if your password actually appears in that list or not. Only you know, and the list that is returned averages about 450-500 complete hashes. It would give an attacker with a rainbow table a starting point, but then you'd also know if your password appears in a dictionary or breach and should be changed.
The people who only used computers for social media will only use phones for the same thing, sure. But what made the desktop unnecessary is all of the other things which you can now do with a phone. Document viewing and editing, music storage and playback (or even composition), photo capture manipulation and categorization, finance management, tax preparation and filling... phones can now do the vast majority of the things we used to need computers for. So what's left? Not much that would interest 95% of home users. Business/professional use is a different thing.
Do you really want to prepare your taxes on your phone? No matter how phablet-y your phone is, I can't imagine you will be able to spot typos or errors as easily as even a small laptop screen. And that is leaving out the difference in input methods...
Years back I tried an experiment: put a domain name in a browser and not no response. Went to GoDaddy to register it and was told it was taken. Tried in the browser again and got a 'this address is for sale!' banner and an email to the address I had given GD offering to sell it to me within minutes. GD pretty much exists to suck up domain names people submit and then try to sell their idea back to them.
Did you follow up and look up the WHOIS info on the domain to see if it indeed had been registered just right then? Maybe they just had not yet pointed the DNS to their parking page for some stupid reason.
Any other time when my phone in on my person, I'm going to know when somebody tries a face time call.
You never put your phone on silent? Say, in an important meeting so you are uninterrupted? I mean, there are other times one might not want to be interrupted nor eavesdropped...
I am sure all you programmers out there who are smug that their code never got hacked. But is it really skill, or just being lucky, or your program isn't just that popular enough.
I have no opinion of what the bug says about Apple. But, just to clarify here, this was not a case of their product being "hacked." All that was required to exploit it was to dial somebody and, while ringing, add them to an existing group conversation (or something similar).
Not only has Pai's office pandered to Big Cable to an excessive degree in the past two years, pushing through changes vehemently opposed by everyone that isn't one of the main telcos, there has been a rumors that the regulator is actively working in secret with companies it is supposed to oversee.
Grammatical errors aside, this writing is just... awful.
But local government officials were very suspicions something untoward was going on.
Isn't Apple / Google / Samsung pay ubiquitous over there?
In Aus even our own banks offer their own apps on devices with NFC in case you don't want to use apple / google / samsung, and they work *everywhere*. Everyone pays on card these days because it's free.
What's the hold up with the deployment?
Hang on, you guys don't even have chip and pin everywhere yet do you...
Don't worry, cash still works over here just fine.
As a counterpoint, if you are working for a company longer, you are not a whiny job hopper, who leaves a job, because you have to do work that you just don't like to do.
"Management was a nightmare. I got penalized because I never checked in my work to source control!" "I am a programmer, it isn't my job to help plug in and setup a printer"
Agreed. I value the positive reviews the most that have between 1-3 year tenure and the negative reviews the most that are 3+ years tenure.
>> Guaranteed Rate CEO Victor Ciardelli instructed his team to enlist employees likely to post positive reviews...these employees flooded Glassdoor with hundreds of five-star ratings
So...what's the secret? I thought this was SOP in corporate America.
A former employer did that. They waited until employees hit their five-year mark (or thereabouts) and then suggested that, if they had not yet done so, they leave a Glassdoor review.
Their reasoning was that only employees that had a favorable opinion would stick around that long, and it couldn't hurt that they had just received milestone benefits (an extra week of annual vacation was awarded at five years).
But anybody who is really looking on Glassdoor should know that you want to take a sample of different reviews, with tenure being the primary factor in how you evaluate a review. The sales rep who has been there fifteen years is probably doing really well and gets special treatment. The intern that only lasted two weeks might have screwed it up for himself.
Solo felt like they were trying to make even M Night Shyamalan go "enough with the 'twists', dammit!". Oh, the one bad guy is actually a woman. His friend is really a bad guy. His love interest is good, just pretending to be bad, is good again but nope, still bad.
It is a heist film, about the underworld of Star Wars. Double crosses are not supposed to be interpreted as "twists" but hallmarks of the genre.
I didn't watch it in the theaters for the same reason a lot of people didn't, which is a shame. Solo was about Han Solo but unlike even Rogue One, it didn't feel the need to wink and nod at the audience every few minutes. I think it may be my second-favorite Star Wars film after Empire.
People didn't go out to watch but it was a good movie. It stands up really well as a sci-fi heist movie, which is remarkable given how annoyingly self-conscious the other three Disney Star Wars films have been.
Short the stock on a company, then reveal you--I mean, someone--hacked them. Rinse repeat. You can even do it legally. Well, maybe wait until the lawsuit plays out first before trying that maneuver.
Slashdot Mirror
He never explained why email verification upfront would fail to solve the issue. I still believe it is a problem of the sites or services in question.
It didn't just become anything. As many have noted, catch all email isn't new. Gmail should be a little perturbed their platform is being used for fraud but it has since inception and will be for years to come. The problem is the defrauded institutions' to fix.
You appear to be disagreeing with the article summary: "and alert you if you enter a username / password combination that Google 'knows to be unsafe.'"
I looked and I also appear to be disagreeing with the source Google blog post. I guess they are matching UN/PW.
google simply stores a hash of the username+password combination.
No, the user name is ignored. All that matters is if the password appears in a breach and is likely to be in a dictionary.
Troy Hunt has a really nice solution for this on his HaveIBeenPwned site. He has an API that allows you to submit a partial hash of your password (the first half of the SHA1 of your password) and then the API returns a list of complete hashes that have appeared in a breach. You can check it out his about page here.
The reasoning is that you are not providing your complete password hash, so both his site and an eavesdropper would not know if your password actually appears in that list or not. Only you know, and the list that is returned averages about 450-500 complete hashes. It would give an attacker with a rainbow table a starting point, but then you'd also know if your password appears in a dictionary or breach and should be changed.
The people who only used computers for social media will only use phones for the same thing, sure. But what made the desktop unnecessary is all of the other things which you can now do with a phone. Document viewing and editing, music storage and playback (or even composition), photo capture manipulation and categorization, finance management, tax preparation and filling ... phones can now do the vast majority of the things we used to need computers for. So what's left? Not much that would interest 95% of home users. Business/professional use is a different thing.
Do you really want to prepare your taxes on your phone? No matter how phablet-y your phone is, I can't imagine you will be able to spot typos or errors as easily as even a small laptop screen. And that is leaving out the difference in input methods...
Years back I tried an experiment: put a domain name in a browser and not no response. Went to GoDaddy to register it and was told it was taken. Tried in the browser again and got a 'this address is for sale!' banner and an email to the address I had given GD offering to sell it to me within minutes. GD pretty much exists to suck up domain names people submit and then try to sell their idea back to them.
Did you follow up and look up the WHOIS info on the domain to see if it indeed had been registered just right then? Maybe they just had not yet pointed the DNS to their parking page for some stupid reason.
Any other time when my phone in on my person, I'm going to know when somebody tries a face time call.
You never put your phone on silent? Say, in an important meeting so you are uninterrupted? I mean, there are other times one might not want to be interrupted nor eavesdropped...
I am sure all you programmers out there who are smug that their code never got hacked. But is it really skill, or just being lucky, or your program isn't just that popular enough.
I have no opinion of what the bug says about Apple. But, just to clarify here, this was not a case of their product being "hacked." All that was required to exploit it was to dial somebody and, while ringing, add them to an existing group conversation (or something similar).
I don’t miss mine. Wanting a headphone jack is like wanting to be 1970 sheik with a boom bar bigger than you are.
A 1970 sheik, you say? I am familiar with a 1962 sheik but not 1970.
I understand the summary but I can't figure out what the headline is trying to say. Anyone got any ideas? "Location Finds Bluetooth, Ultra-Wideband"
How is it 'minimalist' being locked to a vendor's ecosystem
Well it's easier than convincing the holdouts in your family to stop using iMessage and start using a non-SMS-based app like a rational human being.
"I don't know what you're talking about, I get all the messages just fine..."
You can argue about whether it is minimalist however being vendor locked has nothing to do with the word "minimalist".
It's arguable that limited choice limits the minimal configurations/use cases you have access to.
Chair of the House Commerce chair, Frank Pallone
From the department of redundancy department.
Not only has Pai's office pandered to Big Cable to an excessive degree in the past two years, pushing through changes vehemently opposed by everyone that isn't one of the main telcos, there has been a rumors that the regulator is actively working in secret with companies it is supposed to oversee.
Grammatical errors aside, this writing is just... awful.
But local government officials were very suspicions something untoward was going on.
This whole affair is very suspicions indeed.
The distinction between this phone and Apple's latest is that if you want a phone that runs Android, you have other options with all the ports.
That shit doesn't work?
Isn't Apple / Google / Samsung pay ubiquitous over there?
In Aus even our own banks offer their own apps on devices with NFC in case you don't want to use apple / google / samsung, and they work *everywhere*. Everyone pays on card these days because it's free.
What's the hold up with the deployment?
Hang on, you guys don't even have chip and pin everywhere yet do you...
Don't worry, cash still works over here just fine.
As a counterpoint, if you are working for a company longer, you are not a whiny job hopper, who leaves a job, because you have to do work that you just don't like to do.
"Management was a nightmare. I got penalized because I never checked in my work to source control!" "I am a programmer, it isn't my job to help plug in and setup a printer"
Agreed. I value the positive reviews the most that have between 1-3 year tenure and the negative reviews the most that are 3+ years tenure.
>> Guaranteed Rate CEO Victor Ciardelli instructed his team to enlist employees likely to post positive reviews...these employees flooded Glassdoor with hundreds of five-star ratings So...what's the secret? I thought this was SOP in corporate America.
A former employer did that. They waited until employees hit their five-year mark (or thereabouts) and then suggested that, if they had not yet done so, they leave a Glassdoor review.
Their reasoning was that only employees that had a favorable opinion would stick around that long, and it couldn't hurt that they had just received milestone benefits (an extra week of annual vacation was awarded at five years).
But anybody who is really looking on Glassdoor should know that you want to take a sample of different reviews, with tenure being the primary factor in how you evaluate a review. The sales rep who has been there fifteen years is probably doing really well and gets special treatment. The intern that only lasted two weeks might have screwed it up for himself.
Oil? Sunlight? Those are both stupid analogies. Data are simply information. You do not need an analogy to explain that.
Rogue One was pretty good. The pissed-off Vader murder spree at the end was cool as fuck
It was fan service and nothing more. It also didn't make up for the horrible plotting of the film.
Solo felt like they were trying to make even M Night Shyamalan go "enough with the 'twists', dammit!". Oh, the one bad guy is actually a woman. His friend is really a bad guy. His love interest is good, just pretending to be bad, is good again but nope, still bad.
It is a heist film, about the underworld of Star Wars. Double crosses are not supposed to be interpreted as "twists" but hallmarks of the genre.
I didn't watch it in the theaters for the same reason a lot of people didn't, which is a shame. Solo was about Han Solo but unlike even Rogue One, it didn't feel the need to wink and nod at the audience every few minutes. I think it may be my second-favorite Star Wars film after Empire.
People didn't go out to watch but it was a good movie. It stands up really well as a sci-fi heist movie, which is remarkable given how annoyingly self-conscious the other three Disney Star Wars films have been.
... the worse Facebook looks.
The more you find out?
So you admit you were not among the 49% that understand what ad-supported means?
Short the stock on a company, then reveal you--I mean, someone--hacked them. Rinse repeat. You can even do it legally. Well, maybe wait until the lawsuit plays out first before trying that maneuver.