It also can open binary files, and I have encountered cases where being able to edit a binary in a locked down environment was very useful (corrupted application had a specific log format, and if it wasn't perfectly intact, the program would just exit without any warnings.)
Security has three parts, confidentiality, integrity, and availability. The ideal would be that the KeyChain would be treated as a database, and if the disk is full, the file and log would be made read-only and lock out all transactions until it is possible to do them.
At the minimum, Apple could have the database save a copy, then once that's done, move the copy to the original's spot, then zap the original. Not that this is new... AppleWorks did this in the 1980s.
I wish KeyChain were more robust.
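The save-a-copy-then-move-it-into-place approach from the comment above, as an added example (not from the original post and not Apple's code). The function names and the simulated disk-full writer are hypothetical, and a POSIX filesystem is assumed, where a rename within one directory is atomic:

```python
import errno
import os
import tempfile

OLD = b"keychain-v1:" + b"A" * 64   # constructed sample contents
NEW = b"keychain-v2:" + b"B" * 64


def _write_all(f, data):
    f.write(data)


def disk_full_writer(f, data):
    """Constructed failure: half the data lands, then the disk is 'full'."""
    f.write(data[: len(data) // 2])
    raise OSError(errno.ENOSPC, "No space left on device (simulated)")


def in_place_save(path, data, writer=_write_all):
    """Fragile pattern: opening with "wb" truncates the only good copy first."""
    with open(path, "wb") as f:
        writer(f, data)


def atomic_save(path, data, writer=_write_all):
    """Write a complete copy beside the original, then rename it over the original."""
    directory = os.path.dirname(os.path.abspath(path))
    # The temp file must live in the same directory (same filesystem) for the
    # rename to be atomic; mkstemp creates it with mode 0600.
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".tmp-")
    try:
        with os.fdopen(fd, "wb") as tmp:
            writer(tmp, data)
            tmp.flush()
            os.fsync(tmp.fileno())      # data is on disk before the swap
        os.replace(tmp_path, path)      # readers see old or new, never partial
    except BaseException:
        try:
            os.unlink(tmp_path)         # failed save: discard the partial copy
        except FileNotFoundError:
            pass
        raise
    dir_fd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dir_fd)                # persist the rename itself
    finally:
        os.close(dir_fd)


def demo():
    """Run both strategies against a simulated full disk and report what survives."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, save in (("in_place", in_place_save), ("atomic", atomic_save)):
            path = os.path.join(d, name + ".db")
            with open(path, "wb") as f:
                f.write(OLD)
            try:
                save(path, NEW, writer=disk_full_writer)
            except OSError as exc:
                results[name + "_errno"] = exc.errno
            with open(path, "rb") as f:
                results[name] = f.read()
        results["leftover_tmp"] = [n for n in os.listdir(d) if n.startswith(".tmp-")]
    return results


if __name__ == "__main__":
    print(demo())
```
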
This. Since there is no vetting or third party certification, all their password data could be sitting on a public S3 bucket, with the password used for authentication and all zeroes used for AES "encryption". At least LastPass documents what they do, and their security is proven.
What would be ideal is that each endpoint generates and stores their own private key, and is "introduced" to each other via another device. That way, the cloud provider doesn't even have password hashes that can be brute forced... just public keys, so a compromise of the cloud provider means an attacker has to deal with all 256+ bits of AES [1], rather than a password that can be brute forced.
[1]: The ideal might be a triple cascade cipher similar to what VeraCrypt does, so if AES is broken, Serpent or Threefish would still hold up.
Why do places that use certificates and know the damage they can do if stolen, not use HSMs? $60 gets you a NitroKey. $600 gets you a YubiKey HSM, so they are not expensive. A YubiKey HSM can even be configured to require a manual tap on the unit to confirm there is an actual live body there actually wanting to do a signing transaction.
The problem is that companies are used to running roughshod over privacy laws. Even the GDPR has not been tested. Since they are used to a privacy gravy train, it will take not just laws, but enforcement (fines, raids, C-levels facing prison time) for companies to actually take privacy seriously.
Even with the GDPR, as it stands now, if a CEO finds out that their firm is in trouble, they short their stock, let the EU fine the company into the ground, and laugh all the way to the bank.
That wouldn't change anything. Stuff is priced as what it will sell at, so having all your data sold would be considered part of the price to use a device... or hidden under a EULA.
Tired of subscriptions and data being sucked off? Stop buying stuff that does that.
You are not their customer. In fact, they don't care about you at all. You are a product. The GDPR is actually one of the few things that makes companies actually think twice, although many companies still don't really care.
Thefts come to mind, be it cell phones, cameras, or whatnot. A cell phone, even if it will never work for a provider, is still worth a lot, due to the screen and other parts, and an SD card, especially a larger one, is just icing on the cake.
Some Android phones do a great job at full volume encryption, so the SD card's loss means data isn't lost. Other phones don't do that, which can be a security risk.
What blows my mind is that it isn't hard to create an encryption system to guarantee that temporary files stored there are zapped. It can be as simple as deleting the old cruft, creating a LUKS volume or eCryptFS directory on bootup, keeping the key in RAM, and storing files there. If the copier gets power cycled, the keys are forgotten, and the documents are never accessible. Next bootup, the files are cleared out, and a new volume is made.
If the copier uses Windows, a partition that is formatted and a new BitLocker key assigned can do similar.
I read that the SD secure part which consists of 20% of the card is still present, but you have to have a special controller to access that part. I wish the specs were more open, as it would possibly be a useful way to back up sensitive data, or just store the key to the rest of the card there.
I have never bothered selling a used memory card. If it is leaving my possession, it gets the "dd if=/dev/urandom of=/dev/sdwhatever" treatment, at least once or twice.
Laptop vendors can do more than new CPUs to bring some usefulness and features. Being able to have an OS in ROM would be handy, if only to have a way to restore an OS without having to worry about recovery media. If a Tandy MS-DOS clone back in the 1980s can do this, so can a PC vendor. Other things come to mind as well, be it the ability to charge (albeit slowly) on USB-C for beefier laptops, allowing for multiple USB chargers to charge a battery at the same time, built in virtualization and encryption so one can have their gaming stuff, their work stuff, personal stuff, and stuff nobody should see, all on one laptop, perhaps using something like PhonebookFS to further hide the presence of other VMs.
Another idea would be to have better support for external GPU breakout boxes. That way, one can go from running command line stuff to Crysis fairly easily, as well as providing fast access to additional storage.
CPUs are nice, but there are still many things that can be done to differentiate one's product from everyone else.
I don't see any point or purpose for Instagram. If I want to share photos, I have my web server or SmugMug. Photo editing? GIMP or other tools. Need an app? There are commercial ones for a few bucks which respect privacy.
I understand it is doing well, but what can Instagram do that other things cannot, other than slurp your data for resale in bulk, which is not something I consider a "feature" for me.
There is a very easy way to define "good" countries: How do they treat the people in their prisons, and their "terrorists"?
The way they treat the most disliked people in their society reflects the entire societal values of the whole nation. For example, convicted murderers jailed in some Scandinavian countries lead a better life than most non-Europeans can aspire to.
I've preferred that model. Have everything communicate via Z-Wave, Bluetooth, or similar to a hub, which is hardened, and has a manifest/profile for every device including what it can talk to (and 0.0.0.0/0 as a netmask is not going to be allowed.) Perhaps 2-3 hubs for redundancy, if that is what is wanted. This way, there is a hardened device doing all the Internet stuff, rather than devices made in the cheapest Chinese factories with software made by the sloppiest, "get 'er done, it builds, ship it" methods.
However, IoT makers get a lot of cash through analytics, so they want to chuck as much data as the device can glean. It isn't like anything is going to happen to them. Even the GDPR just means they do their stuff in a non-European country.
The problem is that IoT companies have no vested interest in security. If their devices are used for that, worst case is that the C-levels short their stock, make the announcement, and "mourn" the dead company on the deck of their new ship. The average person in the company has to choose between making deliverables or security... and deliverables are what keeps the badge from being disabled.
Best way to fix? Don't buy that crap. If you want to buy a $3000 fridge (and have the ability to add a flue and a gas connection), buy a fridge that uses natural gas and electric, so your beer stays cold if power goes out. If a TV requires an always-on connection, return it as defective, which it is. By not buying insecure IoT stuff, it helps everyone.
I always take the survey to give the waiters all 5s. I'm neutral about those things, the biggest thing I like is the fact that I can punch out, swipe my card, and be out without having to wait for the check and card to be returned. Of course, the downside, it is another camera, screen with flashing crap on it, and a microphone in your face, and $DEITY knows what is done with the audio/video footage those devices get.
I have an older vehicle that has a key with a built in remote, and a transponder chip, which ensures it will start the car even if the battery is dead. I don't need to try to pry off part of the door handle either. The vehicle "auto cranks", and can be used with a push-button start, but I know that for someone to steal the car, they need to have a chip presence, and bypass the physical Strattec lock. Not impossible, but a lot harder to steal than a thief using a device that makes someone's transponder key in their pocket appear to the vehicle as right by it, allowing it to be unlocked with a press of the button on the handle.
One thing I've thought would be an interesting compromise would be an external key switch. Turn the key, the vehicle will ignore all transponders and will need to be mechanically opened. That would be useful if parking at an airport, or some other dodgy place.
One of APFS's features is allowing for multiple keys per volume. What Apple should have done is store the cache data, but keyed to both the encrypted volume being used, as well as the system volume. This way, if there is no system volume encryption, things are protected still. If there is, it would require two keys to get to the caching info.
Hopefully this can be fixed. Apple comes up with some great stuff, but then misses the mark with other places.
This is probably for Central American countries where privacy laws are few to none, and where invasions of privacy will not be punished. I can see software like this in the US being used, with disabling the mic access considered a violation of the DMCA.
Lots:
Vagrant.
VirtualBox.
Developer tools.
Photo/video editing.
Sound editing.
A 128 GB machine will be ideal for a developer who has it for his/her daily driver, and who has to show that their code works on some test VM bases via Vagrant. This gets rid of the "it works on my machine, but not in production" type of bugs.
Even if the RAM is not needed, it works as a cache, making I/O faster.
There are far fewer mechanic shops now. Just a few years ago, almost every gas station had a repair depot. Now, it is extremely rare to find a new gas station being built that offers repairs. Mainly because most stuff is so proprietary that one can't just replace more than basic consumables. Even some makes of cars (BMWs) require the vehicle to go to the dealer for registering/reprogramming if the battery is replaced.
Or airlines will just jack up the fees for "enhanced viewing experiences".
This happened with Harvey. Right before it made landfall, it took a hard right for Houston, when initially, it was going to go up and pay Austin a visit.
Even with a slower hurricane, it can be impossible to evacuate people. Houston had a hurricane a number of years ago where people were still locked in traffic when it hit. Harvey, they didn't even bother with an evac notice because it would have just been impossible to get everyone out, so the mayor decided that sheltering in place would be better.