So you can find out what elected officials get up to online... or what regular people do when they slack off at work, if their work happens to be a government agency.
Seriously, you have to open the file AND hover over the link?
No You have to open the file, hover over the link AND click the appropriate button on the Protected View security prompt.
I guess you could avoid the click by tabbing off the "Disable" button then using space or enter. Of if you have a touch screen you could tap one of the enable buttons.
If you're using an Office product older than Office 2010. Since then you need to click "Enable" or "Enable All (not recommended)" to on the security prompt to allow the script to run.
So yes, no clicks if you're using Office 2007 or earlier.
They're protecting the plane and passengers while the plane is cruising at 40,000ft
A small explosion next to the skin of a pressurised aircraft can be catastrophic. A fire at altitude in the cargo bay is also very bad, this was the reason for requiring laptops to be taken as carry-on, so a fire can quickly be contained.
An iPhone caught on fire back in May mid flight over the pacific, it was quickly dealt with and the plane didn't crash. If it caught fire in a suitcase surrounded by combustible material, it could have caused a much bigger problem.
A bomb the size of a laptop battery pushed against the side of the cabin could make a hole large enough to cause explosive or rapid decompression. Good luck landing the plane safely.
He consented in writing that any child porn would be turned over to the FBI. He also consented that Geek Squad could search his hard drive to recover lost files, as they had to reformat it. TFA:
The case began in November 2011 when Rettenmaier, a gynecologic oncologist, took his desktop computer to a Best Buy in Mission Viejo, Calif., because it wouldn’t boot up. The technicians there were able to fix that problem, but not recover Rettenmaier’s data. Court records show that Best Buy sends all of its data recovery jobs to Geek Squad City in Brooks, Ky., outside of Louisville.
The records also show that Rettenmaier signed a form when he first handed over the computer, stating that any child pornography found by Geek Squad technicians will be reported to the authorities. When a technician called Rettenmaier to ask him if he wanted his data restored, including pictures, Rettenmaier said yes on a recorded call. In general, searches performed by private entities do not require a search warrant — only government searches do.
The only thing that was done wrong in this case was the FBI
No, it would be like you having your car towed to a repair shop to be fixed. They couldn't fix it without replacing the.... ok so a car analogy doesn't work here.
BestBuy called the guy up to ask him if they should try and recover his lost data, because they had to format and reinstall the OS. He said yes. That call was recorded. He had already also signed a consent form that said any child pornography found would be turned over to the FBI.
I haven't tested it but the draft covering this API says the browser should require a permission that covers both origins, so you'd need to grant permission for the combination of site x + 3rd party
That's need in the draft since December 2015
If that's not how it works in Chrome, then it's a bug
The majority of the spread was caused by Windows 7 machines, several months after security updates were released.
In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
It's only impacting Chrome on a PC, not Android. Most cameras on PC's have an activity LED that's going to show up when it's active. This offers no way to bypass that LED. The "red dot" has always been a "best efforts" indicator, since it's not visible to a user if they have too many tabs open or the browser is running in full-screen mode, same with the "audio playing" indicator.
The popup that is recording video still has the camera icon in its address bar. The permission popup is non-modal so doesn't stop you accessing the page, lowering the risk of "UI fatigue" induced accepting. It's got no hot-key bound to "Accept". Escape will block the permission.
You could argue full-screen mode is an even worse security bug, since it hides the whole address bar, including HTTPS issues. All you have to do is trick the user into pressing F11. No broken HTTPS icon, no recording icon, no audio playing icon, no URL is shown.
Google/Phone manufacturer already has access to the camera on your phone. Who do you think makes the Camera app? That's an app you're pretty much guaranteed to require the Camera and Audio permissions and it pre-installed. It's probably also got location permissions as well for geo-tagging. If they wanted to spy on you, that's the easiest way to do it.
Slashdot Mirror
Hang on, I can't replace the CPU, RAM, storage or battery on my phone either.
I'm sure Microsoft will miss your $0 you may have given them buying a second-hand Surface.some time in the future.
I read the comments. Didn't see why
That in August, he'll lose the appeal and is finally removed from New Zealand.
Additionally, they should revoke his residency since he lied on the application about previous criminal convictions.
I'll bet that works fine until the media adds "mediacreeper.com" to their ad-block blacklist, or block it on their corporate proxies.
So you can find out what elected officials get up to online... or what regular people do when they slack off at work, if their work happens to be a government agency.
Seriously, you have to open the file AND hover over the link?
No
You have to open the file, hover over the link AND click the appropriate button on the Protected View security prompt.
I guess you could avoid the click by tabbing off the "Disable" button then using space or enter. Of if you have a touch screen you could tap one of the enable buttons.
If you're using an Office product older than Office 2010.
Since then you need to click "Enable" or "Enable All (not recommended)" to on the security prompt to allow the script to run.
So yes, no clicks if you're using Office 2007 or earlier.
Does it work with PowerPoint for Mac, available from the App Store?
or...... not, because no browser does that. Not even IE.
You need a much bigger bomb to do damage in an open space. Take a look at the news from Manchester.
They're protecting the plane and passengers while the plane is cruising at 40,000ft
A small explosion next to the skin of a pressurised aircraft can be catastrophic.
A fire at altitude in the cargo bay is also very bad, this was the reason for requiring laptops to be taken as carry-on, so a fire can quickly be contained.
An iPhone caught on fire back in May mid flight over the pacific, it was quickly dealt with and the plane didn't crash. If it caught fire in a suitcase surrounded by combustible material, it could have caused a much bigger problem.
A bomb the size of a laptop battery pushed against the side of the cabin could make a hole large enough to cause explosive or rapid decompression. Good luck landing the plane safely.
Why would you need an internet connection to access you cloud data while you're literally in the clouds?
I would be in shock if Anna was phallic too.
But is it really going to be any good without Brian Johnson? Can Angus Young fill his shoes?
... the FBI misrepresented information when they applied for a warrant to search the mans home.
No.
He consented in writing that any child porn would be turned over to the FBI.
He also consented that Geek Squad could search his hard drive to recover lost files, as they had to reformat it.
TFA:
The case began in November 2011 when Rettenmaier, a gynecologic oncologist, took his desktop computer to a Best Buy in Mission Viejo, Calif., because it wouldn’t boot up. The technicians there were able to fix that problem, but not recover Rettenmaier’s data. Court records show that Best Buy sends all of its data recovery jobs to Geek Squad City in Brooks, Ky., outside of Louisville.
The records also show that Rettenmaier signed a form when he first handed over the computer, stating that any child pornography found by Geek Squad technicians will be reported to the authorities. When a technician called Rettenmaier to ask him if he wanted his data restored, including pictures, Rettenmaier said yes on a recorded call. In general, searches performed by private entities do not require a search warrant — only government searches do.
The only thing that was done wrong in this case was the FBI
No, it would be like you having your car towed to a repair shop to be fixed.
They couldn't fix it without replacing the.... ok so a car analogy doesn't work here.
BestBuy called the guy up to ask him if they should try and recover his lost data, because they had to format and reinstall the OS.
He said yes. That call was recorded.
He had already also signed a consent form that said any child pornography found would be turned over to the FBI.
Please try and turn it into a car analogy though.
Yeah, just bury that statutory rape and pretend it never happened.
Not if you're a minor. If it's really that important to you, seek emancipation.
I haven't tested it but the draft covering this API says the browser should require a permission that covers both origins, so you'd need to grant permission for the combination of site x + 3rd party
That's need in the draft since December 2015
If that's not how it works in Chrome, then it's a bug
What is there to withhold?
It's simply recording video in a popup after the user has explicitly granted the domain video permissions.
It's not a bug.
The majority of the spread was caused by Windows 7 machines, several months after security updates were released.
In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Release March 14: Microsoft Security Bulletin MS17-010 - Critical
It's only impacting Chrome on a PC, not Android.
Most cameras on PC's have an activity LED that's going to show up when it's active. This offers no way to bypass that LED.
The "red dot" has always been a "best efforts" indicator, since it's not visible to a user if they have too many tabs open or the browser is running in full-screen mode, same with the "audio playing" indicator.
The popup that is recording video still has the camera icon in its address bar.
The permission popup is non-modal so doesn't stop you accessing the page, lowering the risk of "UI fatigue" induced accepting. It's got no hot-key bound to "Accept". Escape will block the permission.
You could argue full-screen mode is an even worse security bug, since it hides the whole address bar, including HTTPS issues. All you have to do is trick the user into pressing F11. No broken HTTPS icon, no recording icon, no audio playing icon, no URL is shown.
Google/Phone manufacturer already has access to the camera on your phone.
Who do you think makes the Camera app? That's an app you're pretty much guaranteed to require the Camera and Audio permissions and it pre-installed. It's probably also got location permissions as well for geo-tagging.
If they wanted to spy on you, that's the easiest way to do it.