Seriously, if it's FOSS, doesn't that mean anyone can take the TrueCrypt code and do with it what they will?
Yes, but TrueCrypt has never been FOSS and by the looks of it never will be. It has always had it's own license that contained distribution and copyright-liability restrictions.
A lot of browsers are to blame for this. Both Chrome and Firefox place a big search bar in the middle of the screen and put it in auto-focus as soon as the browser starts.
Firefox gets most of its funding that way (ironically from Google) and Google gets to harvest our searches in both cases.
Right now, I think the team is mostly focused on having "something usable" in OpenBSD and I doubt they care too much about anything else outside their scope.
Having said that - forking OpenSSL to something usable and burning the remains with fire is a great idea, however there is considerable risk that the rush will cause new bugs - even though right now those commits have been mostly pulling out old crap.
Fixing the beast is going to take a long while and several things will need to happen: - Upstream hurry to put more crap into the RFC needs to cease for a while. We don't need more features at the moment, we need stability and security. - Funding. The project needs to be funded somehow. I think a model similar to Linux Foundation might work - as long as they find a suitable project leads. But major players need to agree on this - and that's easier said than done (who will even pull them to the table?) - Project team. Together with funding, we need a stable project team. Writing good crypto code in C, is bloody hard, so the team needs to be on the ball - all the time. And the modus operandi should be "refuse features, increase quality". Requires a strong Project Lead. - Patience.. fixing it is a long process, so you can't go into it hastily. You need to start somewhere (and here I applaud the OpenBSD team), but to get it done, assuming that above is in place - expect 1-3 years of effort.
In other words, Microsoft is going to proceed with a vision which may or may not be of interest to consumers, and once again tell us what we want instead of listening to us.
To be honest, if I was the CEO I wouldn't listen to "us" either. Why should I? We (I guess the collective consumers and customers) have no idea what we actually want.
Except perhaps "cool free stuff" and at most "innovation" which doesn't really mean anything at all.
He's been heading one of the divisions that has made most money lately - fairly good choice I'd say...
I agree with all of that - and additionally - Let me download/buy (all) my games on the Xbox then, just like I'd do on Steam.
I don't want to run to the shop, spend â60 (or whatever your currency ripoff price is) on a game, come home, spend time fidding with the code and then not be able to re-sell/loan in.
If you want me locked in, you gotta give me the on-demand convenience as well - otherwise no deal.
It's very slow on my S3, scrolling and navigating is hard. The pop up keeps asking which site I want and half of the time I can't seem to click "classic". The new site doesn't show synapses, just headlines which makes me click into the stories making it even laggier and jerkier than it already was.
Doesn't sound like you're hacked really. But generally:
don't:..run old versions of android (upgrade your devices - upgrade hardware if you can't run latest software)..install apps from non-appstore sources, be vary of malicious appstore apps as well (read reviews, do research before install, generally avoid "freebie" versions of paid software)...surf on strange pages, click strange links or scan QR-codes..have bluetooth/wifi/nfc on when not needed..connect to unsecure free wi-fi, ever...don't use public USB loading stations (airports, malls etc)...have sensible information on your phone/tablet.
do..use encrypted device / sd-card..use passphrase to lock the device screen..use remote wipe/anti-theft service (most AV-vendors offer this)..keep backups..consider using a VPN service for those moments you can't avoid connecting to unsecure wi-fi.
So this is not about breaching phone numbers data that are set to private. This is about finding publicly published phone numbers through the normal search.
Meh. Phonebooks didn't even have privacy policies back in the day.
A more valid complaint might have been the ever changing default settings and user interface "improvements" which make finding the said settings very hard.
No. Citizenship is not tied to a physical object like passport. The passport is property of government and can be revoked.
It's a standard method of trying to stop criminals from running - but it's not usually exercised for petty crimes (like the one Neij is wanted for). That's the only "extreme" bit about it, but I'm glad he got it back.
Slashdot Mirror
According to this page - someone e-mailed a dev contact and claims they called it quits due to lack of interest
https://www.grc.com/misc/truec...
(Scroll to the bottom, the green box).
The only real "confirmation" we have is the info on the TrueCrypt page. It's over (no matter what the reason is), best to move on.
Yes, but TrueCrypt has never been FOSS and by the looks of it never will be. It has always had it's own license that contained distribution and copyright-liability restrictions.
It's never been accepted as "open-source" by OSI.
So how about a write-up in English Mr. Golem?
What could possibly go wrong?!
A lot of browsers are to blame for this. Both Chrome and Firefox place a big search bar in the middle of the screen and put it in auto-focus as soon as the browser starts.
Firefox gets most of its funding that way (ironically from Google) and Google gets to harvest our searches in both cases.
It's a browser UI issue, not a user issue.
Right now, I think the team is mostly focused on having "something usable" in OpenBSD and I doubt they care too much about anything else outside their scope.
Having said that - forking OpenSSL to something usable and burning the remains with fire is a great idea, however there is considerable risk that the rush will cause new bugs - even though right now those commits have been mostly pulling out old crap.
Fixing the beast is going to take a long while and several things will need to happen:
- Upstream hurry to put more crap into the RFC needs to cease for a while. We don't need more features at the moment, we need stability and security.
- Funding. The project needs to be funded somehow. I think a model similar to Linux Foundation might work - as long as they find a suitable project leads. But major players need to agree on this - and that's easier said than done (who will even pull them to the table?)
- Project team. Together with funding, we need a stable project team. Writing good crypto code in C, is bloody hard, so the team needs to be on the ball - all the time. And the modus operandi should be "refuse features, increase quality". Requires a strong Project Lead.
- Patience.. fixing it is a long process, so you can't go into it hastily. You need to start somewhere (and here I applaud the OpenBSD team), but to get it done, assuming that above is in place - expect 1-3 years of effort.
USA had absolutely no grounds to remove Saddam Hussein from the power.
The only reason they received U.N mandate is because they fabricated the WMD evidence and outright lied at the hearing.
On top of it they captured people - detained unlawfully without a charge or trial and tortured during their captivity.
Condi Rice and the rest of the Bush Jr. administration should be tried for their crimes.
But at least he answered the questions instead of copy&pasting 2 year old article from his blog
JoCo > McAfee
*cough*MUD*cough*
There is - F-Secure has a cloud solution called Younited. http://www.younited.com/
You didn't even read the summary? That's very /. of you
" iOS (and OS X) SSL security bug comes the latest vulnerability in Apple's mobile operating system"
Yeah, the hash update succeeds, so err contains successful value when it jumps to the end. It never reaches the dead part where it updates.
Yeah, you'd think a compiler should have caught that.. but neither GCC or Xcode seems to do that..
Adam Langley has a great blog post dissecting this:
https://www.imperialviolet.org...
in
http://opensource.apple.com/so...
if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
goto fail;
goto fail;
..they were in Moscow..
To be honest, if I was the CEO I wouldn't listen to "us" either. Why should I? We (I guess the collective consumers and customers) have no idea what we actually want.
Except perhaps "cool free stuff" and at most "innovation" which doesn't really mean anything at all.
He's been heading one of the divisions that has made most money lately - fairly good choice I'd say...
Too bad cyanogen went from great open source community effort to a cold moneygrab by couple of greedy guys. Wouldn't touch it with a pole now.
https://plus.google.com/+GuillaumeLesniak/posts/L8FJkrcahPs
I agree with all of that - and additionally -
Let me download/buy (all) my games on the Xbox then, just like I'd do on Steam.
I don't want to run to the shop, spend â60 (or whatever your currency ripoff price is) on a game, come home, spend time fidding with the code and then not be able to re-sell/loan in.
If you want me locked in, you gotta give me the on-demand convenience as well - otherwise no deal.
It's very slow on my S3, scrolling and navigating is hard.
The pop up keeps asking which site I want and half of the time I can't seem to click "classic".
The new site doesn't show synapses, just headlines which makes me click into the stories making it even laggier and jerkier than it already was.
Seems it isn't really ready for prime time yet.
apt-get install mutt
fantastic.. my nice formatting went to hell.
Doesn't sound like you're hacked really.
But generally:
don't: ..run old versions of android (upgrade your devices - upgrade hardware if you can't run latest software) ..install apps from non-appstore sources, be vary of malicious appstore apps as well (read reviews, do research before install, generally avoid "freebie" versions of paid software). ..surf on strange pages, click strange links or scan QR-codes ..have bluetooth/wifi/nfc on when not needed ..connect to unsecure free wi-fi, ever. ..don't use public USB loading stations (airports, malls etc). ..have sensible information on your phone/tablet.
do ..use encrypted device / sd-card ..use passphrase to lock the device screen ..use remote wipe/anti-theft service (most AV-vendors offer this) ..keep backups ..consider using a VPN service for those moments you can't avoid connecting to unsecure wi-fi.
That's it for starters.
So this is not about breaching phone numbers data that are set to private. This is about finding publicly published phone numbers through the normal search.
Meh. Phonebooks didn't even have privacy policies back in the day.
A more valid complaint might have been the ever changing default settings and user interface "improvements" which make finding the said settings very hard.
But even then, this is not really post-worthy.
No. Citizenship is not tied to a physical object like passport.
The passport is property of government and can be revoked.
It's a standard method of trying to stop criminals from running - but it's not usually exercised for petty crimes (like the one Neij is wanted for). That's the only "extreme" bit about it, but I'm glad he got it back.
So when was the last time you actually needed that Java-plugin in your browser?
Applets have been dead tech for years now - for most people there's no need at all to have Java plugin enabled in their browser.
Uninstall the plugin already, I bet you won't even see the difference.