I've had 100% successful delivery from the projects I've backed. Caveat emptor.
You need to do some background research. Treat it more like a speculative investment, not buying widgets from Amazon.
If there's a huge rift between their best prototype demonstration and reality, probably best not to back. If it looks half their funding goal is to cover the special effects budget in the "demo" video, pass that one by...
As an unhappy Surface user, I applaud Apple's ability to recognize that a tablet and a "computer" (be it laptop or desktop) are fundamentally different usage scenarios that the same hardware and/or OS are unlikely to satisfy without compromising and making both experiences less optimal.
For the record, you can in fact hook a USB keyboard up to iPad (and even iPhone). Bluetooth also works if you prefer wireless. The devices don't have standard USB ports, but an $8 adapter (http://www.amazon.com/dp/B00HPQUBGK) works nicely if you prefer wires. On occasions that I plan to do major writing while traveling, I'll bring a BT keyboard along. I always have the adapter with me in case something sneaks up. I can just "borrow" a standard USB keyboard from somewhere and type up War & Peace on the go...
iOS can also do some (very) limited things in terms of USB storage with one of those adapters, but it's pretty much limited to dumping photos to/from a memory card. General purpose USB storage capabilities might be nice sometimes, but they've never been the thing that made me pick up my Surface instead of my iPad.
About the only win on the Surface is the proper stylus which makes handwritten note taking much better. Haven't had a chance to try out Apple's new stylus thing on the iPad Pro yet. Very much hoping they bring it to the next iPad-normal revision as the extra size of the Pro is almost as much of a DO NOT WANT for me as the oversized iPhone 6 line.
Setting your User-Agent to something that looks iThing-ish is sometimes enough to get sites to serve their mobile versions with MP4 based video instead of flash.
Great! You can encrypt some files. You're amazing!
Show me a zero-click network infection vector, then I'll be a little worried. Yes, I've already removed Flash and never installed Adobe Reader. No, getting me to execute an email attachment (after disabling Gatekeeper) doesn't count.
“Singles only” or “no kids” is currently okay only in “senior living facilities” in most states. You can say grandma & grandpa can’t bring their (grand)kids to live in the old folks’ home with them. You *can’t* (legally) say that in any other housing situation in any state that I’m aware of. Nor can you say the opposite, (“families (implying with kids) only”). All falls under “discriminatory housing practices.” Baaad.
Sounds like one of those things that a group of people *should* be able to get together and decide for themselves is the way things are going to be. Problem is it was decided that it was one of those things that was prone to “abuse” and that consenting adults aren’t adult-y enough to choose of their own volition, so your friend the Government chooses for you.
I’d think laws keyed to age of those “protected” by them ought to fall to Equal Protection, but IANAL, so what do I know?
I live in New York, so I’ll be looking forward to the filing in Onondaga County Supreme Court. Should be an interesting fight.
Any reasoanble implementation would overwrite the victim file’s blocks with the encrypted ones in-place. Most filesystems can’t do anything to undelete that. A copy-on-write system like ZFS would technically still have the blocks, but good luck reconstructing the metadata if you don’t have a snapshot pinned to them. SSD wear leveling might also preserve the original blocks, but again good luck getting to them in the right order.
You'd run the risk of overloading power supplies that way. Most phones can draw from 500mA to 2A+ these days. You wouldn't see problems until you tried to pull at maximum power, and at that point the first "problem" may well be magic blue smoke.
The sense resistors let the device know in advance what the maximum safe draw is before they damage the supply (which might be the motherboard of your computer, not just a $5 wall wart from the gas station).
Using sense resistors in cables or charger plugs is pretty much universal and works very well. That's how phones tell the difference with between a "standard" 500mA USB port and a 2A high power charger. If the phone tried to draw 2A off a 500mA supply, odds are all the magic blue smoke would get out... (See http://blog.curioussystem.com/...)
There's nothing wrong with sense resistors when the cables are manufactured properly. The problem is if the manufacturer puts the wrong resistors in because they don't know any better or because they're cheap and they're trying to cheat with cheaper components. In the case of USB 2 stuff, pulling 2A from a 500mA brick probably wouldn't end too well. For USB-C, if you try to pull 3A+ over a wire that's only rated for 500mAh... Well... Most likely what you've got there is a 3 meter long fuse... If you're lucky, the power supply will fail safely before the heat from the additional current ignites anything.
Or more realistically, you may find the laptop gets flaky when it adjusts its power management to assume it can draw a particular amount of power from the cord only to fall short when power demands reach peak levels.
TFA dealt with the UK where circumcision is unusual. The CDC numbers are from the US where male infant circumcision is routine. There are other studies showing a pretty strong link between the pain & trauma of infant circumcision and a much higher rate of ASD. It's about 5x versus babies who remained intact.
CDC says males are about 5x more likely than females to land on the spectrum. You don't say...
Correlation != causation, but it should make you wonder a bit.
Apple still being somewhat BSD-ish has that going for them. Too bad they wall the garden and fuck it up.
Serious, non-trolly question: Have you actually used OS X for more than few minutes and tried to do anything that ran into the garden’s walls? Yes, default config won’t run binaries from just anywhere. For the majority of users, this is a GoodThing(TM). Want to run something you got from this guy you know? Go in to System Preferences -> Security & Privacy, General. Click the lock, enter your password, and choose “Allow apps downloaded from:” Anwhere. Done. The walls to the garden just came a’tumblin’ down. You may now aim squarely at your foot and pull the trigger at will. You’ll get one “Are you sure?” prompt for each new binary you run. Click Open, and you’ll never be nagged for that binary again.
Running unsigned kernel drivers or monkeying with OS-installed binaries takes a little more work in El Capitan. Run `csrutil disable` and reboot. The system is yours to alter and/or destroy without limitation once again.
I’m sure I fit the profile of fanboi just a little, but I genuinely think Apple has struck a good balance on their desktop OS. The vast majority of users will have no idea how to disable these protections and therefore shouldn’t disable them. If you can’t figure out how to run arbitrary binaries you downloaded from the Internet, then you lack the knowledge to make informed consent about whether you should do so. If you know what you’re doing, flip two switches, and the OS won’t stand in your way.
With any pamd implementation worth using, you can use two-factor authentication.
Setting up Google Authenticator / Authy style two-factor is fairly straightforward in pamd for SSH logins. Not special sauce for the VPN, just poorly configured SSH. No doubt the VPN's more likely to have a nice shiny checkbox to enable it versus hacking pamd config files, but a well-configured VPN is still not magically more secure than a well-configured SSHd.
Not everybody’s data is interesting or valueable. If they’re not storing CC#’s or SSN’s, most attackers probably can’t monitize whatever they might find in the DB.
Their bandwidth (assuming an outbound DDoS) or their willingness to pay to keep their systems up (inbound DoS against the company’s other servers) is likely to be far more lucrative than trying to fence their data.
Here’s the thing about VPN though... Explain what secret sauce protects a VPN against a brute force password attack that isn’t also applicable to SSH. Yes, most VPN appliances have decent lockout policies out of box, but you can do the exact same with SSH, fail2ban, etc.
If there was a protocol exploit where SSH allowed an attacker in without credentials, then yes sticking a tunneling protocol in front to protect it has value. When you’re talking credential attacks, it doesn’t matter what enpoint they’re brute forcing against. They either get the right password or they don’t. Or better yet, you disabled password based auth completely and they’re trying to guess the right 8192-bit key which probably isn’t going to happen before the hardrives in the server grind themselves to metal shavings anyways. (VPN or SSH doesn’t make a difference there either).
This may come as a shock, but l33t gamer laptop isn’t the only valid market for portable Intel based hardware. I’d venture to say greater than 80% of buyers wouldn’t know an i5 from an i7 if you poked them in the eye with it. They don’t need to, because the difference between those CPU’s doesn’t actually give them anything they’ll make use of.
The CPU & GPU are more than adequate for running the business applications, email, web browsing, etc. that most people buying this device will use it for. Going overkill on CPU/GPU needlessly increases the price, decreases battery life, increases cooling needs, fan noise, etc. Very few applications outside of gaming are actually CPU or GPU bound. Better to spend the money on more or faster storage or more RAM.
“Moar Power!!!” isn’t always the correct solution when building a portable device.
You’ve missed the point of Apple hardware. Yes, running Mac OS and its JustWorks OS/hardware combo is a main point for most people. But they also make really well designed hardware that LASTS a long time. Solid metal cases where most other manufacturers are still cheaping out on plastic. I’ve got a 10 year old PowerBook and a 5 year old MacBook Pro that both still run fine after being bounced around in a laptop bag traveling all over the earth for years. The MBP is still my primary laptop. With a bit of extra RAM and an SSD upgrade, it’s a very servicable machine. If I wanted to run Linux as my primary OS, Apple hardware would still likely be my first choice to do it. The OS isn’t their own strength (though it is a big one, IMHO). The hardware is something I’ve always more than got my money’s worth from.
As far as the Surface goes The last one I used much of was the Surface 2, and the hardware there was pretty lousy. Dunno if the 4 is better to the point that it’s worth using the hardware as a platform for your OS of choice, but that’s certainly a possibility. High resolution screen, full capacitive + digitizer touch screen, and pretty good CPU specs Assuming you can get all that harware running under Linux, it might not be a bad little machine.
The OS itself isn’t terrible at scaling up, but “it’s all about the apps.” Far too many apps seem like they were never tested at anything other than default DPI settings. You change DPI, and the Start menu & title bars get bigger, but the client area of an awful lot of apps just looks silly. Either unchanged (so still teeny tiny) or only parts of it scale, label text gets cut off, etc. Win 7, 8, 8.1, 10 They aren’t materially changed in terms of their own scaling abilities, but the apps have been sloooooow to improve.
Windows’ strength has always been the number of apps available for it, but at least when you’re trying to shoehorn it into a tablet form factor, the number of apps that run well enough that you’d actually want to use them is a bit more important. iOS & Android win hands down in that regard.
These hard drives comes pre-formatted, pre-encrypted
So WD by definition knew the AES key the drive was encrypted with. Even if they did everything else perfectly (which they clearly didn't), somebody besides you knew the key. Fail...
In 1971, ALOHAnet connected the Hawaiian Islands with a UHF wireless packet network. ALOHAnet and the ALOHA protocol were early forerunners to Ethernet, and later the IEEE 802.11 protocols, respectively.
So the first thing you do is you login to the main server. Then you type `sudo rm -rf/`. Yup. Just enter the root password quick, and you’ll be all set!
Slashdot Mirror
I've had 100% successful delivery from the projects I've backed. Caveat emptor.
You need to do some background research. Treat it more like a speculative investment, not buying widgets from Amazon.
If there's a huge rift between their best prototype demonstration and reality, probably best not to back. If it looks half their funding goal is to cover the special effects budget in the "demo" video, pass that one by...
Could we PLEASE have a basic IQ and literacy test requirement to serve in public office?
Single point to take the entire country offline?
CLOSED: Works as designed.
As an unhappy Surface user, I applaud Apple's ability to recognize that a tablet and a "computer" (be it laptop or desktop) are fundamentally different usage scenarios that the same hardware and/or OS are unlikely to satisfy without compromising and making both experiences less optimal.
For the record, you can in fact hook a USB keyboard up to iPad (and even iPhone). Bluetooth also works if you prefer wireless. The devices don't have standard USB ports, but an $8 adapter (http://www.amazon.com/dp/B00HPQUBGK) works nicely if you prefer wires. On occasions that I plan to do major writing while traveling, I'll bring a BT keyboard along. I always have the adapter with me in case something sneaks up. I can just "borrow" a standard USB keyboard from somewhere and type up War & Peace on the go...
iOS can also do some (very) limited things in terms of USB storage with one of those adapters, but it's pretty much limited to dumping photos to/from a memory card. General purpose USB storage capabilities might be nice sometimes, but they've never been the thing that made me pick up my Surface instead of my iPad.
About the only win on the Surface is the proper stylus which makes handwritten note taking much better. Haven't had a chance to try out Apple's new stylus thing on the iPad Pro yet. Very much hoping they bring it to the next iPad-normal revision as the extra size of the Pro is almost as much of a DO NOT WANT for me as the oversized iPhone 6 line.
Setting your User-Agent to something that looks iThing-ish is sometimes enough to get sites to serve their mobile versions with MP4 based video instead of flash.
Great! You can encrypt some files. You're amazing!
Show me a zero-click network infection vector, then I'll be a little worried. Yes, I've already removed Flash and never installed Adobe Reader. No, getting me to execute an email attachment (after disabling Gatekeeper) doesn't count.
It’ll be an interesting lawsuit to be sure.
“Singles only” or “no kids” is currently okay only in “senior living facilities” in most states. You can say grandma & grandpa can’t bring their (grand)kids to live in the old folks’ home with them. You *can’t* (legally) say that in any other housing situation in any state that I’m aware of. Nor can you say the opposite, (“families (implying with kids) only”). All falls under “discriminatory housing practices.” Baaad.
Sounds like one of those things that a group of people *should* be able to get together and decide for themselves is the way things are going to be. Problem is it was decided that it was one of those things that was prone to “abuse” and that consenting adults aren’t adult-y enough to choose of their own volition, so your friend the Government chooses for you.
I’d think laws keyed to age of those “protected” by them ought to fall to Equal Protection, but IANAL, so what do I know?
I live in New York, so I’ll be looking forward to the filing in Onondaga County Supreme Court. Should be an interesting fight.
Any reasoanble implementation would overwrite the victim file’s blocks with the encrypted ones in-place. Most filesystems can’t do anything to undelete that. A copy-on-write system like ZFS would technically still have the blocks, but good luck reconstructing the metadata if you don’t have a snapshot pinned to them. SSD wear leveling might also preserve the original blocks, but again good luck getting to them in the right order.
You'd run the risk of overloading power supplies that way. Most phones can draw from 500mA to 2A+ these days. You wouldn't see problems until you tried to pull at maximum power, and at that point the first "problem" may well be magic blue smoke.
The sense resistors let the device know in advance what the maximum safe draw is before they damage the supply (which might be the motherboard of your computer, not just a $5 wall wart from the gas station).
Using sense resistors in cables or charger plugs is pretty much universal and works very well. That's how phones tell the difference with between a "standard" 500mA USB port and a 2A high power charger. If the phone tried to draw 2A off a 500mA supply, odds are all the magic blue smoke would get out... (See http://blog.curioussystem.com/...)
There's nothing wrong with sense resistors when the cables are manufactured properly. The problem is if the manufacturer puts the wrong resistors in because they don't know any better or because they're cheap and they're trying to cheat with cheaper components. In the case of USB 2 stuff, pulling 2A from a 500mA brick probably wouldn't end too well. For USB-C, if you try to pull 3A+ over a wire that's only rated for 500mAh... Well... Most likely what you've got there is a 3 meter long fuse... If you're lucky, the power supply will fail safely before the heat from the additional current ignites anything.
Or more realistically, you may find the laptop gets flaky when it adjusts its power management to assume it can draw a particular amount of power from the cord only to fall short when power demands reach peak levels.
http://www.telegraph.co.uk/men...
That's the study. I misquoted. 2x increase in ASD for infant circ.
TFA dealt with the UK where circumcision is unusual. The CDC numbers are from the US where male infant circumcision is routine. There are other studies showing a pretty strong link between the pain & trauma of infant circumcision and a much higher rate of ASD. It's about 5x versus babies who remained intact.
CDC says males are about 5x more likely than females to land on the spectrum. You don't say...
Correlation != causation, but it should make you wonder a bit.
Serious, non-trolly question: Have you actually used OS X for more than few minutes and tried to do anything that ran into the garden’s walls? Yes, default config won’t run binaries from just anywhere. For the majority of users, this is a GoodThing(TM). Want to run something you got from this guy you know? Go in to System Preferences -> Security & Privacy, General. Click the lock, enter your password, and choose “Allow apps downloaded from:” Anwhere. Done. The walls to the garden just came a’tumblin’ down. You may now aim squarely at your foot and pull the trigger at will. You’ll get one “Are you sure?” prompt for each new binary you run. Click Open, and you’ll never be nagged for that binary again.
Running unsigned kernel drivers or monkeying with OS-installed binaries takes a little more work in El Capitan. Run `csrutil disable` and reboot. The system is yours to alter and/or destroy without limitation once again.
I’m sure I fit the profile of fanboi just a little, but I genuinely think Apple has struck a good balance on their desktop OS. The vast majority of users will have no idea how to disable these protections and therefore shouldn’t disable them. If you can’t figure out how to run arbitrary binaries you downloaded from the Internet, then you lack the knowledge to make informed consent about whether you should do so. If you know what you’re doing, flip two switches, and the OS won’t stand in your way.
So the new meme is s/Lee/Schneier/g now?
The encryption is fine. The original key generation process is flawed. Regenerate keys correctly, and the traffic is secure(*) again.
(*) At least to the point that (according to TFA) it should take the various TLA’s about a year per key of Very Expensive computer time to break.
With any pamd implementation worth using, you can use two-factor authentication.
Setting up Google Authenticator / Authy style two-factor is fairly straightforward in pamd for SSH logins. Not special sauce for the VPN, just poorly configured SSH. No doubt the VPN's more likely to have a nice shiny checkbox to enable it versus hacking pamd config files, but a well-configured VPN is still not magically more secure than a well-configured SSHd.
Not everybody’s data is interesting or valueable. If they’re not storing CC#’s or SSN’s, most attackers probably can’t monitize whatever they might find in the DB.
Their bandwidth (assuming an outbound DDoS) or their willingness to pay to keep their systems up (inbound DoS against the company’s other servers) is likely to be far more lucrative than trying to fence their data.
Here’s the thing about VPN though... Explain what secret sauce protects a VPN against a brute force password attack that isn’t also applicable to SSH. Yes, most VPN appliances have decent lockout policies out of box, but you can do the exact same with SSH, fail2ban, etc.
If there was a protocol exploit where SSH allowed an attacker in without credentials, then yes sticking a tunneling protocol in front to protect it has value. When you’re talking credential attacks, it doesn’t matter what enpoint they’re brute forcing against. They either get the right password or they don’t. Or better yet, you disabled password based auth completely and they’re trying to guess the right 8192-bit key which probably isn’t going to happen before the hardrives in the server grind themselves to metal shavings anyways. (VPN or SSH doesn’t make a difference there either).
This may come as a shock, but l33t gamer laptop isn’t the only valid market for portable Intel based hardware. I’d venture to say greater than 80% of buyers wouldn’t know an i5 from an i7 if you poked them in the eye with it. They don’t need to, because the difference between those CPU’s doesn’t actually give them anything they’ll make use of.
The CPU & GPU are more than adequate for running the business applications, email, web browsing, etc. that most people buying this device will use it for. Going overkill on CPU/GPU needlessly increases the price, decreases battery life, increases cooling needs, fan noise, etc. Very few applications outside of gaming are actually CPU or GPU bound. Better to spend the money on more or faster storage or more RAM.
“Moar Power!!!” isn’t always the correct solution when building a portable device.
You’ve missed the point of Apple hardware. Yes, running Mac OS and its JustWorks OS/hardware combo is a main point for most people. But they also make really well designed hardware that LASTS a long time. Solid metal cases where most other manufacturers are still cheaping out on plastic. I’ve got a 10 year old PowerBook and a 5 year old MacBook Pro that both still run fine after being bounced around in a laptop bag traveling all over the earth for years. The MBP is still my primary laptop. With a bit of extra RAM and an SSD upgrade, it’s a very servicable machine. If I wanted to run Linux as my primary OS, Apple hardware would still likely be my first choice to do it. The OS isn’t their own strength (though it is a big one, IMHO). The hardware is something I’ve always more than got my money’s worth from.
As far as the Surface goes The last one I used much of was the Surface 2, and the hardware there was pretty lousy. Dunno if the 4 is better to the point that it’s worth using the hardware as a platform for your OS of choice, but that’s certainly a possibility. High resolution screen, full capacitive + digitizer touch screen, and pretty good CPU specs Assuming you can get all that harware running under Linux, it might not be a bad little machine.
The OS itself isn’t terrible at scaling up, but “it’s all about the apps.” Far too many apps seem like they were never tested at anything other than default DPI settings. You change DPI, and the Start menu & title bars get bigger, but the client area of an awful lot of apps just looks silly. Either unchanged (so still teeny tiny) or only parts of it scale, label text gets cut off, etc. Win 7, 8, 8.1, 10 They aren’t materially changed in terms of their own scaling abilities, but the apps have been sloooooow to improve.
Windows’ strength has always been the number of apps available for it, but at least when you’re trying to shoehorn it into a tablet form factor, the number of apps that run well enough that you’d actually want to use them is a bit more important. iOS & Android win hands down in that regard.
From TF-PDF:
So WD by definition knew the AES key the drive was encrypted with. Even if they did everything else perfectly (which they clearly didn't), somebody besides you knew the key. Fail...
Not so much: https://en.wikipedia.org/wiki/...
So the first thing you do is you login to the main server. Then you type `sudo rm -rf /`. Yup. Just enter the root password quick, and you’ll be all set!
None. Always wear gloves when catching squirrels. They’re sharp.