There are plenty of gadgets out there (including wallets and sleeves for individual cards) that will store your credit cards and prevent them being read remotely. If you are concerned about your RFID card being stolen, just get one of those blockers.
I am not a fan of the fact that you need to spend big money on an expensive certificate, more money on setting up a legal entity that will satisfy those organizations who can issue the right EV code signing certificate that Microsoft will accept and even more money on all the required hardware to actually test your driver or what it means for open source software but this move DOES have some benefits.
It reduces the amount of crappy drivers out there (both because of the testing and because entities who are making crappy drivers tend to be the ones who dont want to spend the money on certificating and signing).
It also makes it harder for anyone wanting to create kernel level malware since either Microsoft will refuse to sign it in the first place or Microsoft will revoke the signature (and blacklist the creator of those drivers).
The increased requirements in terms of the code signing certificate you need to submit drivers to Microsoft also eliminates problems with rogue code signing certificates (i.e. all the times when a code signing certificate was stolen from a major hardware vendor and used to sign malware or other bad things)
I do wonder what this means for government/law enforcement/intelligence agencies though. We know from various leaks and other things that governments and their agencies have used kernel drivers (or things that can only be done with kernel drivers even if its not actually explicit that kernel drivers are being used) as part of their spying/hacking/law enforcement efforts. Will the NSA be given the ability to sign a kernel driver that can run on a standard Windows 10 install? What about the Chinese Government (the censor-ware they wanted to force PC manufacturers to install on new PCs almost certainly requires kernel-level code to do the things it does). Or the German Bundespolizei? (the spyware they have reportedly used to spy on things like Skype may well need kernel code in order to do its job)
And of course if http://limadriver.org/ is ever advanced to the point where it is usable on whatever flavor of Mali GPU the A20 has, the whole issue will become moot and no blobs will be required anymore.
I used instructions online to install Windows 10 to a VHD file on one of my external disks so it would be activated and valid in the Microsoft database and then kept using Windows 7. So I have a working copy of Windows 7 and if I ever want to upgrade to Windows 10 in the future (at least on my current PC which was upgraded to a Skylake chip, new Motherboard and 8GB RAM 6 months ago) I have the digital activation thing that will get me Windows 10 for free.
So I can install Windows 10 any time I want with no cost but I dont have to install it until I want to.
Every movie theater I know of in my town to has signage out the front banning you from using cellphones inside the theater. And at the theater I actually go to (because its the cheapest) they have a big message on the screen at the start of the film saying "please turn your cell phone off". I never experience problems with cellphone usage at this particular theater either (most people seem to respect the signs). Other theaters I have visited in the past also have the "no cell phones" thing on the screen before the film.
Why dont more theaters in the USA do the same thing and simply tell people to turn their phone off in the theater? If even one person chooses to follow the sign and turn off their phone when they wouldn't otherwise do so, its a win for all the people who just want to enjoy the movie. And its not like someone is going to not go to the movies just because they are asked to turn off their phone (if you need the phone active so you can be contacted in an emergency, keep it on silent/vibrate and step out of the theater to use it)
Google has a list of rules that an Android OEM has to follow if said OEM wants to be able to ship the Google Play Store, the Google Play Services middleware library and the other Google apps like GMail. Google could simply add terms to that agreement that require OEMs to provide security updates for their devices for a minimum amount of time after the device is released.
OEMs might complain but (with the possible exception of Samsung who might be able to ditch Google and do its own thing) they all need the Google stuff in order to survive.
The currently-in-development Neo900 project (which hit a few snags because PayPal are scumbags and withheld large chunks of project funding but seems to have recovered now that PayPal has released the money) has some features that will help with this.
It contains physical hardware level off switches for phone radios/antennas (including a separate disconnect for the GPS antenna to prevent it from being able to do GPS location unless you enable it) but more importantly the design of the hardware means the baseband radios (including the cellular baseband module) have NO access to the main application processor or its RAM or Flash storage. All audio goes through the main application processor as well (meaning the baseband has no access to the microphone in the phone at all)
As far as I am aware it will be possible to run the Neo900 and use its features (make calls, access the internet etc etc) using only open source software on the main application processor (so no blobs that could contain backdoors).
No its not an iPhone or an Android device, no its not super-thin and super-light, no its not packing the latest super-powerful CPU and no it wont run Pokemon Go or Netflix but it will prevent bad actors (whoever they may be) from remotely activating your phones microphone and recording everything you say without your knowledge.
The problem is that most of the malware out there comes from countries like Russia that dont have an extradition treaty with the US, that have one but where the treaty doesn't allow extradition of malware authors or that are powerful enough that the US cant make them bend over in the way they can for smaller countries like Poland.
Its all well and good to say "but someone will build more supply" and that may be true in some cities but its not always possible. But try building any kind of housing anywhere near San Fransisco for example.
I am not a legal expert but I believe their plan to produce a nuclear-armed spacecraft violates the Outer Space Treaty (to which Russia is a signatory) and specifically Article IV which says "States Parties to the Treaty undertake not to place in orbit around the earth any objects carrying nuclear weapons or any other kinds of weapons of mass destruction, install such weapons on celestial bodies, or station such weapons in outer space in any other manner." (which sounds like exactly what Russia wants to do)
Then again, with the way the Russian economy is these days, I dont think they have the funds to actually build or launch this thing so it wont matter...
The biggest problem is that the idiots in congress (or more specifically those that represent specific parts of the country) have been forcing NASA to use space shuttle parts in its projects (Constellation and now SLS) even when those parts aren't the right parts for the job.
That's a big part of why Congress doesn't like the "commercial crew" program, namely the fact that the new lightweight companies like SpaceX, Blue Origin, Sierra Nevada etc dont provide all that pork in key congressional districts the way the old guard like Boeing, Lockheed Martin, Orbital ATK etc are doing.
What about single malt Scotch? That is made in the UK and there are plenty of people on this planet who will argue that a good single malt qualifies as up there with the best in the world when it comes to alcoholic beverages...
The people on the MAME team who work on the Saturn driver would disagree that the Saturn emulator is anywhere near perfect. No emulator currently emulates the co-processor used for the control of the optical drive. (as far as I know the only people who have dumped the internal code of this chip haven't released it to anyone else)
I upgraded my PC around xmas with a Gigabyte Skylake motherboard and I had to upgrade to the latest BIOS revision before Fallout 4 (the reason I bought the upgrades in the first place) would run without crashing.
I do agree that a physical switch for the BIOS write protection would be a good idea.
There are times I have been comming back home at 9pm or even later after going to a LEGO club meeting or some other late-running activity and even then its been no problem. (even on a Saturday Night)
I have been using public transport here in Australia for years (bus, train, ferry and tram) and with a couple rare exceptions I have never seen anything that would make me worried about using it.
Well there WAS the one time when I was waiting for the train and some idiot teenagers tried to run off with my bag/wallet/phone/keys/etc (they were unsuccessful) but that was my own fault for not paying attention to my bag (now I hold onto it more closely and dont put it down where someone could try to grab it)
My understanding is this: 1.Spotify currently offers subscriptions to their service via in-app purchase (where Apple gets a cut) 2.Spotify tried to push an update that dropped the in-app purchase and added a "go here to buy a Spotify subscription" link (which violates the rules put in place by Apple) 3.Spotify now wants to push an update that drops the in-app purchase but doesn't include the "go here to subscribe" link at all and Apple refuses to allow that new update.
I have had Norton and Symantec on my own personal blacklist of entities I refuse to have anything to do ever since I installed some version of Norton Internet Security and it made my web browsing (and possibly other stuff) stop working until I completly uninstalled it.
I haven't tried it yet (will be trying it this week) but this forum post I found on another forum https://www.gog.com/forum/gene... shows what is claimed to be a way to get the free Windows 10 upgrade without actually needing to install Windows 10 or replace your existing Windows install.
What will probably happen is that professionals and skilled migrants (who can demonstrate that they will be earning more than enough money and paying more than enough tax to cover their healthcare and other liabilities) will be allowed in but unskilled labor (the kind that is "taking lobs away from hard working British people") and those who want to come over and do the minimum they need to do to qualify for free treatment of whatever medical problems they have before heading home will be refused entry.
When OtherOS support was removed, a lot of people who were using it for Linux suddenly had an incentive to break open the copy protection in order to run their own code.
I suspect if Sony had not removed OtherOS then the number of people interested in cracking the copy protection would have been limited only to those looking to pirate games and it would have taken a lot longer before piracy became an issue.
Slashdot Mirror
There are plenty of gadgets out there (including wallets and sleeves for individual cards) that will store your credit cards and prevent them being read remotely. If you are concerned about your RFID card being stolen, just get one of those blockers.
I am not a fan of the fact that you need to spend big money on an expensive certificate, more money on setting up a legal entity that will satisfy those organizations who can issue the right EV code signing certificate that Microsoft will accept and even more money on all the required hardware to actually test your driver or what it means for open source software but this move DOES have some benefits.
It reduces the amount of crappy drivers out there (both because of the testing and because entities who are making crappy drivers tend to be the ones who dont want to spend the money on certificating and signing).
It also makes it harder for anyone wanting to create kernel level malware since either Microsoft will refuse to sign it in the first place or Microsoft will revoke the signature (and blacklist the creator of those drivers).
The increased requirements in terms of the code signing certificate you need to submit drivers to Microsoft also eliminates problems with rogue code signing certificates (i.e. all the times when a code signing certificate was stolen from a major hardware vendor and used to sign malware or other bad things)
I do wonder what this means for government/law enforcement/intelligence agencies though. We know from various leaks and other things that governments and their agencies have used kernel drivers (or things that can only be done with kernel drivers even if its not actually explicit that kernel drivers are being used) as part of their spying/hacking/law enforcement efforts. Will the NSA be given the ability to sign a kernel driver that can run on a standard Windows 10 install? What about the Chinese Government (the censor-ware they wanted to force PC manufacturers to install on new PCs almost certainly requires kernel-level code to do the things it does). Or the German Bundespolizei? (the spyware they have reportedly used to spy on things like Skype may well need kernel code in order to do its job)
And of course if http://limadriver.org/ is ever advanced to the point where it is usable on whatever flavor of Mali GPU the A20 has, the whole issue will become moot and no blobs will be required anymore.
Even worse is when OEMs lock their phones so you cant install custom firmware from third parties that actually incorporates security fixes like this.
I used instructions online to install Windows 10 to a VHD file on one of my external disks so it would be activated and valid in the Microsoft database and then kept using Windows 7. So I have a working copy of Windows 7 and if I ever want to upgrade to Windows 10 in the future (at least on my current PC which was upgraded to a Skylake chip, new Motherboard and 8GB RAM 6 months ago) I have the digital activation thing that will get me Windows 10 for free.
So I can install Windows 10 any time I want with no cost but I dont have to install it until I want to.
Every movie theater I know of in my town to has signage out the front banning you from using cellphones inside the theater. And at the theater I actually go to (because its the cheapest) they have a big message on the screen at the start of the film saying "please turn your cell phone off". I never experience problems with cellphone usage at this particular theater either (most people seem to respect the signs). Other theaters I have visited in the past also have the "no cell phones" thing on the screen before the film.
Why dont more theaters in the USA do the same thing and simply tell people to turn their phone off in the theater? If even one person chooses to follow the sign and turn off their phone when they wouldn't otherwise do so, its a win for all the people who just want to enjoy the movie. And its not like someone is going to not go to the movies just because they are asked to turn off their phone (if you need the phone active so you can be contacted in an emergency, keep it on silent/vibrate and step out of the theater to use it)
Google has a list of rules that an Android OEM has to follow if said OEM wants to be able to ship the Google Play Store, the Google Play Services middleware library and the other Google apps like GMail. Google could simply add terms to that agreement that require OEMs to provide security updates for their devices for a minimum amount of time after the device is released.
OEMs might complain but (with the possible exception of Samsung who might be able to ditch Google and do its own thing) they all need the Google stuff in order to survive.
Is there any good reason to even use Touch ID or other fingerprint unlocks instead of just using a password or passcode?
As a Sonic fan and a LEGO fan, I am excited for the new Sonic the Hedgehog minifig due out later this year :)
The currently-in-development Neo900 project (which hit a few snags because PayPal are scumbags and withheld large chunks of project funding but seems to have recovered now that PayPal has released the money) has some features that will help with this.
It contains physical hardware level off switches for phone radios/antennas (including a separate disconnect for the GPS antenna to prevent it from being able to do GPS location unless you enable it) but more importantly the design of the hardware means the baseband radios (including the cellular baseband module) have NO access to the main application processor or its RAM or Flash storage. All audio goes through the main application processor as well (meaning the baseband has no access to the microphone in the phone at all)
As far as I am aware it will be possible to run the Neo900 and use its features (make calls, access the internet etc etc) using only open source software on the main application processor (so no blobs that could contain backdoors).
No its not an iPhone or an Android device, no its not super-thin and super-light, no its not packing the latest super-powerful CPU and no it wont run Pokemon Go or Netflix but it will prevent bad actors (whoever they may be) from remotely activating your phones microphone and recording everything you say without your knowledge.
The problem is that most of the malware out there comes from countries like Russia that dont have an extradition treaty with the US, that have one but where the treaty doesn't allow extradition of malware authors or that are powerful enough that the US cant make them bend over in the way they can for smaller countries like Poland.
I have relatives who own a sheep station here in Australia and they are most definatly not greedy or cheap.
Its all well and good to say "but someone will build more supply" and that may be true in some cities but its not always possible. But try building any kind of housing anywhere near San Fransisco for example.
I am not a legal expert but I believe their plan to produce a nuclear-armed spacecraft violates the Outer Space Treaty (to which Russia is a signatory) and specifically Article IV which says "States Parties to the Treaty undertake not to place in orbit around the earth any objects carrying nuclear weapons or any other kinds of weapons of mass destruction, install such weapons on celestial bodies, or station such weapons in outer space in any other manner." (which sounds like exactly what Russia wants to do)
Then again, with the way the Russian economy is these days, I dont think they have the funds to actually build or launch this thing so it wont matter...
The biggest problem is that the idiots in congress (or more specifically those that represent specific parts of the country) have been forcing NASA to use space shuttle parts in its projects (Constellation and now SLS) even when those parts aren't the right parts for the job.
That's a big part of why Congress doesn't like the "commercial crew" program, namely the fact that the new lightweight companies like SpaceX, Blue Origin, Sierra Nevada etc dont provide all that pork in key congressional districts the way the old guard like Boeing, Lockheed Martin, Orbital ATK etc are doing.
What about single malt Scotch? That is made in the UK and there are plenty of people on this planet who will argue that a good single malt qualifies as up there with the best in the world when it comes to alcoholic beverages...
The people on the MAME team who work on the Saturn driver would disagree that the Saturn emulator is anywhere near perfect. No emulator currently emulates the co-processor used for the control of the optical drive. (as far as I know the only people who have dumped the internal code of this chip haven't released it to anyone else)
I upgraded my PC around xmas with a Gigabyte Skylake motherboard and I had to upgrade to the latest BIOS revision before Fallout 4 (the reason I bought the upgrades in the first place) would run without crashing.
I do agree that a physical switch for the BIOS write protection would be a good idea.
There are times I have been comming back home at 9pm or even later after going to a LEGO club meeting or some other late-running activity and even then its been no problem. (even on a Saturday Night)
I have been using public transport here in Australia for years (bus, train, ferry and tram) and with a couple rare exceptions I have never seen anything that would make me worried about using it.
Well there WAS the one time when I was waiting for the train and some idiot teenagers tried to run off with my bag/wallet/phone/keys/etc (they were unsuccessful) but that was my own fault for not paying attention to my bag (now I hold onto it more closely and dont put it down where someone could try to grab it)
My understanding is this:
1.Spotify currently offers subscriptions to their service via in-app purchase (where Apple gets a cut)
2.Spotify tried to push an update that dropped the in-app purchase and added a "go here to buy a Spotify subscription" link (which violates the rules put in place by Apple)
3.Spotify now wants to push an update that drops the in-app purchase but doesn't include the "go here to subscribe" link at all and Apple refuses to allow that new update.
I have had Norton and Symantec on my own personal blacklist of entities I refuse to have anything to do ever since I installed some version of Norton Internet Security and it made my web browsing (and possibly other stuff) stop working until I completly uninstalled it.
I haven't tried it yet (will be trying it this week) but this forum post I found on another forum
https://www.gog.com/forum/gene...
shows what is claimed to be a way to get the free Windows 10 upgrade without actually needing to install Windows 10 or replace your existing Windows install.
What will probably happen is that professionals and skilled migrants (who can demonstrate that they will be earning more than enough money and paying more than enough tax to cover their healthcare and other liabilities) will be allowed in but unskilled labor (the kind that is "taking lobs away from hard working British people") and those who want to come over and do the minimum they need to do to qualify for free treatment of whatever medical problems they have before heading home will be refused entry.
When OtherOS support was removed, a lot of people who were using it for Linux suddenly had an incentive to break open the copy protection in order to run their own code.
I suspect if Sony had not removed OtherOS then the number of people interested in cracking the copy protection would have been limited only to those looking to pirate games and it would have taken a lot longer before piracy became an issue.