Android is too insecure to store passwords on it. Point.
It depends on the implementation but it is probably more secure than the usual desktop OSes. Android is based on linux, with SELinux enabled and apps run with different UIDs. The main weakness of Android comes from the delay between the time a vulnerability is fixed and the time you actually have it installed on your phone, but beside this, the stack is quite secure. Correctly set up, the Keepass file is almost unbreakable. Effective attacks could be the keylogger or DLL injection type where you attempt to catch the master password as the user enters it and these are harder to do on Android. Even phishing is probably a bit harder too.
What you should watch out are clipboard-based systems as it is easy to sniff out passwords. Especially on Samsung phones where there is a clipboard history feature.
For me the idea is that if you are somehow implicated in a situation with the law enforcement, you can have evidence of what actually happened. Not a way for journalists to get free footage so they can exploit it. $200/h is peanuts for them, $200 is what a friend got paid for a few minutes of crappy cell phone footage of a skilift that stalled for a couple of hours.
I'd like the result of the judgment to be : here, have your footage for free, CC BY-NC-SA licensed. But I doubt it will be the outcome.
Does god exist? That's something we'll never know. An even if we manage to prove his existence, there is no way to know if there isn't some "supergod" on top of him. We usually exclude god from science because of the Occam razor, but Occam razor is a heuristic, a way to better focus our research rather than an absolute truth. You can replace god with simulations, extra dimensions or what lies beyond the observable universe as long as it is unfalsifiable.
If something as simple as knowing if a piece of code will do an infinite loop is impossible (see : halting problem), how can we even consider that there isn't any part of the universe that is unknowable.
Google cars, the ones that go in actual traffic are self-driving, not driverless. Because there is still a driver in the car in case of emergency. Passenger airplanes nowadays are pretty much self-flying, but they are not pilotless.
Reading the title, I thought that "spotlighting harassment" literally meant shining bright spotlights where astronomers use their telescopes. Which is, I guess, an effective way to piss them off.
Being the boss doesn't mean that you should be paid more. Usually they are, for several good reasons, but it isn't always the case. It maybe because the worker have a particularly valuable set of skills or the work conditions are difficult. A friend of mine manages a small team where some of his guys are paid twice as much as he is. That's because they are more experienced and have to work in shifts while he gets normal office hours.
Not all cannabinoids are THC. In fact There is a whole market for synthetic cannabinoids as legal substitutes for marijuana, most of them much more dangerous than the real thing and usually made illegal as they gain popularity. Additionally, because THC is a well known natural substance, it is not patentable and the pharmaceutical industry doesn't like it. Should they make a drug containing cannabinoids, they are more likely to use a molecule that can be patented.
Stuxnet broke through airgaps via infected USB keys. When you are against the NSA or similar entities, disconnecting from the internet is not enough to protect you from cyberattacks.
Remember that the head assembly of the cheapest optical drive maintains micron accuracy
With modern hard drive, according to Wikipedia, the flight height of the head is at 3 nanometers. I actually didn't believe it at first and had to check a few other sources to convince myself that there weren't a few zeroes missing. There is even research for subnanometer flight height. To get down to such ridiculously small values, the flight height is controlled using thermal expansion based techniques, using a small heating element inside the head.
People used to work for basic subsistence, now they work for leisure and non-essentials. The middle and upper classes could work less, but instead, they prefer to stick to 40 hour weeks and get better leisure, more gadgets, etc... It creates a feedback loop : for example, let's say you want an iPhone, you work maybe 50h to get it, which, in turn give work everyone involved in making and handing you this iPhone. The iPhone, a non-essential, created work out of thin air. You go for a trip to Hawaii, same thing : you work to pay for your trip, which give work to people who build the plane you are taking, extract and refine the fuel you are using, and all the staff serving you...
Since this is about nuclear: here's a cutaway of a "small" (180MW) reactor. This is just the reactor building, not all of the associated buildings, such as the (very large) turbine house, primary and backup support systems, power distribution infrastructure, and on and on. Again, that's a small reactor.
And that's the reason why we don't build small reactors. Most reactors built today exceed the gigawatt mark. And it is also true for fossil fuel plants, and it would be true for reneweables if they weren't dependent on the landscape. That's square-cube law at work here.
Speech recognition existed many years ago and it had practical applications. It is just that talking to a machine feels awkward. Who doesn't hate those answering machines that ask you to tell them what you want rather than using a keypad menu or an actual human operator?
It was more about making socially acceptable rather than a technological problem.
MD5 is vulnerable to full collision attacks SHA-1 is vulnerable to freestart collision attacks None of them are vulnerable to preimage attacks
It means that SHA-1 is still safe in the vast majority of applications. Freestart collisions are almost useless in practice, they are only worrisome because they may lead the way to full collision attacks. MD5 is safe for storing passwords or checking that a file has not been tampered with by a third party. For example, if you download a program, ask the developer (who you trust) or check his website for the expected MD5 and it matches, then you can be reasonably sure that what you got is authentic. However, because it is vulnerable to collision attacks, it is not suitable for digital signature applications.
What do you mean by "installing an entirely different browser" ? If you have a snapdragon SoC you can try jswarts browser : it is derived from Chromium and work exactly like Google Chrome, it even syncs with your Google account, except it has an adbocker, and it is faster. #NoChromo is also a ad-blocked Chromium but it is outdated. If you are using Firefox mobile, just install uBlock. You don't need the "AdBlock browser"
As for more general ad-blocking without root, there are proxy-based blockers like the ABP app but they only work on WiFi.
Not really OO design but modular design. OO is just a way to this end, functional programming is another one. And you can be modular in C, too, there are plenty of excellent C APIs out there, starting with the libc iteslf. As for the Lego brick metaphor, it is very theoretical. In practice, abstractions leak. Which mean that to use the brick properly, you need to know what's inside the brick. Like, for example, garbage collectors that should manage the memory for you and yet, you need to help it in some cases (cycles,...).
Taxes In Europe, gasoline is taxed more than diesel fuel. The goal was to tax cars more than trucks, the diesel car is basically a tax exploit. Diesel is also more efficient, which is, again, a significant advantage when taxes make fuel expensive.
Whales are usually not obsessive compulsive types, unlike addict gamblers. They know how much they are spending and think it is worth it. The typical amount spend (around $100/month) is well within the entertainment budget of the average American (~$200/month). It is not like anyone is ruining his life here, so where is the problem?
Like always, there are some players which are actual addicts with mental issues but they are not your typical whale.
In my company, we sometimes use open source software as part of a deliverable. Sometimes we find bugs in parts that are that are important for our use, so we fix them, and try to work with the community to integrate the patch. We don't do this because we are generous, we do this because we don't want to maintain a fork. That others can benefit from our work is a happy side effect. This make us maintainers, probably like many others.
I think the solution is more insurance-like : when a company asks for personal data, a damage clause must be present on the contract, repaying $xxx in case of a data leak. Like when you send a package and get a certain amount of money back if the package is lost. The advantage is that it will open an insurance business, and insurances are much better at dealing with security than the legal system. The idea would be like with physical security : you open a warehouse, you promise your clients you will pay them back if their stuff is stolen, you then contact an insurance company to deal with this case, the insurance company will mandate security measures (alarm, high security locks, etc...)
Slashdot Mirror
Android is too insecure to store passwords on it. Point.
It depends on the implementation but it is probably more secure than the usual desktop OSes.
Android is based on linux, with SELinux enabled and apps run with different UIDs. The main weakness of Android comes from the delay between the time a vulnerability is fixed and the time you actually have it installed on your phone, but beside this, the stack is quite secure.
Correctly set up, the Keepass file is almost unbreakable. Effective attacks could be the keylogger or DLL injection type where you attempt to catch the master password as the user enters it and these are harder to do on Android. Even phishing is probably a bit harder too.
What you should watch out are clipboard-based systems as it is easy to sniff out passwords. Especially on Samsung phones where there is a clipboard history feature.
For me the idea is that if you are somehow implicated in a situation with the law enforcement, you can have evidence of what actually happened.
Not a way for journalists to get free footage so they can exploit it. $200/h is peanuts for them, $200 is what a friend got paid for a few minutes of crappy cell phone footage of a skilift that stalled for a couple of hours.
I'd like the result of the judgment to be : here, have your footage for free, CC BY-NC-SA licensed. But I doubt it will be the outcome.
Does god exist? That's something we'll never know. An even if we manage to prove his existence, there is no way to know if there isn't some "supergod" on top of him.
We usually exclude god from science because of the Occam razor, but Occam razor is a heuristic, a way to better focus our research rather than an absolute truth.
You can replace god with simulations, extra dimensions or what lies beyond the observable universe as long as it is unfalsifiable.
If something as simple as knowing if a piece of code will do an infinite loop is impossible (see : halting problem), how can we even consider that there isn't any part of the universe that is unknowable.
Google cars, the ones that go in actual traffic are self-driving, not driverless. Because there is still a driver in the car in case of emergency.
Passenger airplanes nowadays are pretty much self-flying, but they are not pilotless.
Reading the title, I thought that "spotlighting harassment" literally meant shining bright spotlights where astronomers use their telescopes. Which is, I guess, an effective way to piss them off.
Being the boss doesn't mean that you should be paid more. Usually they are, for several good reasons, but it isn't always the case. It maybe because the worker have a particularly valuable set of skills or the work conditions are difficult.
A friend of mine manages a small team where some of his guys are paid twice as much as he is. That's because they are more experienced and have to work in shifts while he gets normal office hours.
Not all cannabinoids are THC. In fact There is a whole market for synthetic cannabinoids as legal substitutes for marijuana, most of them much more dangerous than the real thing and usually made illegal as they gain popularity.
Additionally, because THC is a well known natural substance, it is not patentable and the pharmaceutical industry doesn't like it. Should they make a drug containing cannabinoids, they are more likely to use a molecule that can be patented.
Stuxnet broke through airgaps via infected USB keys.
When you are against the NSA or similar entities, disconnecting from the internet is not enough to protect you from cyberattacks.
Remember that the head assembly of the cheapest optical drive maintains micron accuracy
With modern hard drive, according to Wikipedia, the flight height of the head is at 3 nanometers. I actually didn't believe it at first and had to check a few other sources to convince myself that there weren't a few zeroes missing. There is even research for subnanometer flight height.
To get down to such ridiculously small values, the flight height is controlled using thermal expansion based techniques, using a small heating element inside the head.
They weight exactly 1 gram and have a diameter of exactly 1cm. At least, they have some practical value.
People used to work for basic subsistence, now they work for leisure and non-essentials.
The middle and upper classes could work less, but instead, they prefer to stick to 40 hour weeks and get better leisure, more gadgets, etc... It creates a feedback loop : for example, let's say you want an iPhone, you work maybe 50h to get it, which, in turn give work everyone involved in making and handing you this iPhone.
The iPhone, a non-essential, created work out of thin air. You go for a trip to Hawaii, same thing : you work to pay for your trip, which give work to people who build the plane you are taking, extract and refine the fuel you are using, and all the staff serving you...
Since this is about nuclear: here's a cutaway of a "small" (180MW) reactor. This is just the reactor building, not all of the associated buildings, such as the (very large) turbine house, primary and backup support systems, power distribution infrastructure, and on and on. Again, that's a small reactor.
And that's the reason why we don't build small reactors. Most reactors built today exceed the gigawatt mark.
And it is also true for fossil fuel plants, and it would be true for reneweables if they weren't dependent on the landscape. That's square-cube law at work here.
It's called "enclosure".
No, it is called enclosure(r)(tm).
For additional information, please contact our legal department.
http://www.openmusiclabs.com/p...
Useful and you couldn't get simpler.
Whether you want to bring your kids to loud concerts is another story though.
Speech recognition existed many years ago and it had practical applications. It is just that talking to a machine feels awkward.
Who doesn't hate those answering machines that ask you to tell them what you want rather than using a keypad menu or an actual human operator?
It was more about making socially acceptable rather than a technological problem.
MD5 is vulnerable to full collision attacks
SHA-1 is vulnerable to freestart collision attacks
None of them are vulnerable to preimage attacks
It means that SHA-1 is still safe in the vast majority of applications. Freestart collisions are almost useless in practice, they are only worrisome because they may lead the way to full collision attacks.
MD5 is safe for storing passwords or checking that a file has not been tampered with by a third party. For example, if you download a program, ask the developer (who you trust) or check his website for the expected MD5 and it matches, then you can be reasonably sure that what you got is authentic. However, because it is vulnerable to collision attacks, it is not suitable for digital signature applications.
What do you mean by "installing an entirely different browser" ?
If you have a snapdragon SoC you can try jswarts browser : it is derived from Chromium and work exactly like Google Chrome, it even syncs with your Google account, except it has an adbocker, and it is faster.
#NoChromo is also a ad-blocked Chromium but it is outdated.
If you are using Firefox mobile, just install uBlock. You don't need the "AdBlock browser"
As for more general ad-blocking without root, there are proxy-based blockers like the ABP app but they only work on WiFi.
And maybe the drone will have a smaller drone to make sure the way is clear for the first drone, it's drones all the way up.
Now that nearly everything is made in China, nuking China may be actually be more damaging to us than nuking ourselves.
Not really OO design but modular design. OO is just a way to this end, functional programming is another one. And you can be modular in C, too, there are plenty of excellent C APIs out there, starting with the libc iteslf. ...).
As for the Lego brick metaphor, it is very theoretical. In practice, abstractions leak. Which mean that to use the brick properly, you need to know what's inside the brick. Like, for example, garbage collectors that should manage the memory for you and yet, you need to help it in some cases (cycles,
Taxes
In Europe, gasoline is taxed more than diesel fuel. The goal was to tax cars more than trucks, the diesel car is basically a tax exploit.
Diesel is also more efficient, which is, again, a significant advantage when taxes make fuel expensive.
It's amazing that scientists can alter or destroy life.
They seem unable to create life from a chemical soup, or restore life after death. Why do you think that is?
For the same reason it is easier to alter or destroy a car than build one from raw materials or repair it after most parts have worn out.
Whales are usually not obsessive compulsive types, unlike addict gamblers. They know how much they are spending and think it is worth it.
The typical amount spend (around $100/month) is well within the entertainment budget of the average American (~$200/month). It is not like anyone is ruining his life here, so where is the problem?
Like always, there are some players which are actual addicts with mental issues but they are not your typical whale.
In my company, we sometimes use open source software as part of a deliverable.
Sometimes we find bugs in parts that are that are important for our use, so we fix them, and try to work with the community to integrate the patch. We don't do this because we are generous, we do this because we don't want to maintain a fork. That others can benefit from our work is a happy side effect.
This make us maintainers, probably like many others.
I think the solution is more insurance-like : when a company asks for personal data, a damage clause must be present on the contract, repaying $xxx in case of a data leak. Like when you send a package and get a certain amount of money back if the package is lost.
The advantage is that it will open an insurance business, and insurances are much better at dealing with security than the legal system. The idea would be like with physical security : you open a warehouse, you promise your clients you will pay them back if their stuff is stolen, you then contact an insurance company to deal with this case, the insurance company will mandate security measures (alarm, high security locks, etc...)