If the truck is at a large ranch, the range may not matter as much, since there would be charging stations on areas of the property. In fact, an all electric truck would be nice, because if it had a decent inverter, one could use the batteries to power a welder, lights, or other items needed for upkeep.
My hope is that Tesla makes a one ton truck. A half-ton tends to be more of a grocery-getter than a work truck.
Correct. However, it would be nice to have a watch that doesn't have to be charged nightly, with a nonreplaceable battery that makes it essentially useless after 3-4 years. What would be nice would be a watch with OTP functionality, but could function off of a lithium battery for a few years, and the battery easily replaced (well, as easily as any other watch out there, likely needing the usual tools.)
Even older Casio and Timex watches are useful. There are Pac-Man watches from the early 1980s which will still function with a battery replacement. A four year old Apple Watch is damaged by the way it is opened (with the waterproof gasket being destroyed), while virtually any other watch out there can have a battery replaced, even if it may require some tools that a jeweler has, fairly easily.
Nothing wrong with the 80s style G-Shocks. They do a certain function, and do it extremely well. I've seen first-hand things that those watches have gone through and survived.
I wouldn't mind an 80s style calculator watch. These days, something like that would be great for storing TOTP 2FA codes, passwords and other items that you don't want on an always-online device. Perhaps with some small camera for QR codes.
It isn't like self-winding watch technology is new. For a C-note or two, I can buy a Bulova self-winder.
We have all the parts of the technology here:
1: Self-winding mechanisms.
2: Very low power ASICs.
3: e-Ink screens that are available in a watch form factor.
4: Batteries or capacitors that can hold electricity.
5: Flexible solar panels for the watchband.
6: Low power Bluetooth.
We can take any/all of these and make a self-winding smartwatch that never needs physical charging. No, it may not have OLED or 3D graphics... but it would have enough CPU, RAM, and storage to do basic functions like medical device data, pedometer, and what one expects from a Fitbit type unit.
Even then, finding a smartwatch that looks elegant and stylish is a problem. The Apple Watch does appeal to a certain demographic, but there are many others who will shell out $1000 for a timepiece because it will work the same as it did when it came out of the box, 50-100 years from now. This is the market smartwatch makers need to consider going after to expand.
I give everything a time, then swap to something else. Here in the US, it takes some digging to get an accurate report about something since sources are heavily biased, so one's best bet is other countries (which have a slant, but tend to be neutral in the case of the issue mentioned.)
Sites like Reddit and Slashdot help, since eventually the truth relating to some allegation or some happening does work its way out, better than most mainstream media, and you will find insights (even if it is someone doing a troll attempt) that you won't find with the heavily filtered replies on "mainstream" news sites.
A shrinking population is bad because it means fewer people handling the tax burden, fewer people for businesses to sell to, fewer people who know the nation's history and character (especially for Japan which is unique in the world in a lot of respects.)
I can see why Japan is leery of opening the gates to immigrants. They want to remain Japan and not have some other culture, be it American, European, Chinese, Korean, or another, overrun what exists now.
So, what can Japan do? I've wondered about something like the French Foreign Legion, where it would be a military service that someone can serve in, and after a number of years (5-8, perhaps) be granted Japanese citizenship. This may be anathema, because Japanese is not just a nationality but a race, but it may be the best way to preserve their culture.
I love KeePass's PW generation algorithm, especially how it can use mouse input as part of the RNG, and how it can use your Windows unique user info as part of the composite key, so a database would be useless if snarfed, even if someone shoulder-surfed your password.
However, for cross-platforms, KeePassXC is the best of breed, since it has development work and pull requests done on it all the time.
I do wish the KeePass DB format would be upgraded. It would be nice if it offered some type of locking, so multiple processes could access the DB at the same time.
I took a year off due to a bad medicine reaction. That killed my career dead. I wound up finishing college while interning, and rebuilding from scratch after that. Even just 3-6 months can get one's resume roundfiled.
One trick I found that helps is to make a large portfolio on GitHub of scripts and stuff you have done, maybe a small application or two. That way, you can say to an interviewer that you did stuff, and point to the repository as proof of what you know, so they can see what you are capable of and focus less on the time gaps.
I did find that removing all but the last ten years of experience did help as well. Nobody really cares about AIX, even Solaris these days.
Google has similar, but their app is a lot clunkier trying to upload a music library compared to Amazon's.
This is a service that I really liked and actively used. The ability to have one repository for music on one computer, then download and have it on any device, Android or iOS, Windows, or Mac, was quite nice.
Guess I get to choose between Google or Plex now.
Have you thought of a self-hosted PW manager?
Thycotic Secret Server is often used and has a good rep.
Devolution's Password Vault Manager can be self-hosted.
Then, there are PW managers which piggyback off of existing cloud providers. Codebook, Enpass, and SafeInCloud are several candidates.
Then, there are PW managers which (IMHO) "strongly persuade" people to use their cloud provider (1Password, mSecure).
Then, there are dedicated cloud providers like LastPass and DashLane. LastPass has managed to withstand some pretty heavy hacking attempts and keep data sound, and they seem quite open about what issues they have. DashLane, I don't know that much about, but I've not read any horror stories.
I would also look at compliance. Does the company even mention CJIS, FERPA, HIPAA, SOX, PCI-DSS, or other regs? If they have details on how they are compliant, that is a big plus, especially for CYA reasons.
If access is needed just inside the company, I'd look at Thycotic Secret Server.
We have also come a long way with watches. For a C-note, you can get a Bulova self-winder which may not be yet another small computer... but it will do what you need it to.
We have very good low voltage chips, and e-Ink displays (a 1.1" round display costs $99 as a sample). Why can't someone do what Palm originally did, and focus on power savings and UI first, gewgaws later? We really don't need a fast CPU in a watch, especially if the display is monochrome with a relatively slow update time. If needed, solar can be added, but self-winding watches have been around since the 1920s, so it wouldn't be difficult to use the same weighting mechanism to generate a tiny amount of electricity to keep a capacitor or battery charged. As for communication, that is what Bluetooth Low Energy can be used for.
Stores do that here as well. Some WMs have someone at the exit who will go through and check receipts, just like is done at Costco. If a WM has all automated checkouts, one can be 100% sure there would be a loss prevention guy at the entrance.
I have heard "too much experience" translating to "as soon as the economy picks up, I know you will be ditching us for greener pastures." Saw that in 2008.
If BTC processing did something useful (SETI At Home, protein folding), that would be one thing. However, as it stands now, it only wastes energy, not just mining, but processing each transaction.
I've seen some cryptocurrencies do things like proof of capacity, but an ideal would be to use the CPU power or whatnot for some good.
Bitcoin is in a "gold rush" mode right now. We had the first run of people and the "hey, trust us" exchanges which ran off with people's cash. Now we are in the tulip phase where "dumb money" is throwing its lot in, down to the people on Facebook maxing out credit cards and getting car title loans. After that, we will see a crash, the magnitude of it being unknown, then we will see actual work done on a cryptocurrency which doesn't have Bitcoin's flaws. We may even see a v3.0 or v4.0 cryptocurrency that finally is stable and accepted enough that the local 7-11 will accept units of the currency for Slurpee.
I wonder how big the Bitcoin crash is going to be. It doesn't seem that big that it would catalyze a global recession due to money lost, but it may sour people on cryptocurrencies altogether.
I'm reminded of the FatBinary approach Apple took with applications that ran on PowerPC chips and x86 machines. It is a step in the right direction... but there are a ton of things that can't really be unified across iOS and macOS:
1: The UI frameworks as the parent stated. This is a major issue.
2: UI events. Microsoft tried to unify this and failed, because there is a reason why the UI on a 5K screen is different from a 5-7" wide smartphone. Stuff like right-click dragging makes no sense when it comes to iPhones or iPads.
3: The frameworks are different. Apps on iOS reside in their own little jailed worlds. Apps on macOS sit in /Applications and pretty much can do whatever they feel like.
4: Companies can't really release iOS apps the same time as macOS.
As an option, this might be useful, but forcing devs to do this might be an exercise in failure.
This is why Dell's quality across the board has improved since they were taken private. They are not under the lash of shareholders demanding stuff the next quarter, otherwise lawsuits are threatened. Dell can do what the hell it wants to. Charge off a ton of earnings for R&D? Perfectly fine.
Apple needs to do the same if it wants to remain a player long term. Otherwise, they may end up suffering a fate similar to Sony with regards to consumer electronics in the early 2000s, especially with companies like Samsung coming out with innovative products on a constant basis.
Sometimes you can make a password management system that takes your single secret password (or a keyfile), adds the host name and the username, tosses it through a SHA-512 HMAC, then uses the first n characters, n being the max the site allows. The nice thing about this method is that the password can't be figured out even if an attacker gets your site passwords.
My ideal password manager would be one that synced to a cloud provider, but had each device have its own private key, and a record so it can unlock and decrypt the master database key. A symmetric key would also be present for recovery reasons. This way, even if the cloud provider were hacked, there would be the database, and a bunch of entries encrypted to a number of public keys, forcing the attacker to either try to factor one of the keys, or go against the entire AES-256 keyspace [1]. Since Windows, Linux, macOS, Android, and iOS all have OS level protection mechanisms for keys, one can use those for device protection.
[1]: Or if one wants to up security a notch, cascade AES, SERPENT, and some other Russian/Chinese standard algorithms. This isn't to brag about having 1024 bits of key space, but in case one of the main algorithms has a significant weakness, the data is still protected. This is why VeraCrypt offers a two and three algorithm cascade.
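The HMAC-based derivation described in the comment above, sketched as an added example that is not part of the original comment. The length-prefixed field encoding, base64 output alphabet, rotation counter and PBKDF2 stretch of the master secret are assumptions added here; the stretch is there because each derived password can be used to test guesses of the master secret offline.

```python
import base64
import hashlib
import hmac

PBKDF2_ROUNDS = 200_000   # assumed work factor, not from the comment
MAX_CHARS = 86            # base64 of a 64-byte SHA-512 digest, padding removed


def stretch_master(master_secret: str, salt: str) -> bytes:
    """Turn the single secret into an HMAC key using a slow KDF.

    A plain HMAC is fast, so anyone holding one derived site password
    could test master-secret guesses at high speed. PBKDF2 raises the
    cost of every guess.
    """
    return hashlib.pbkdf2_hmac(
        "sha512",
        master_secret.encode("utf-8"),
        salt.encode("utf-8"),
        PBKDF2_ROUNDS,
    )


def naive_message(host: str, username: str) -> bytes:
    """Plain concatenation, shown only to expose the ambiguity it creates."""
    return (host + username).encode("utf-8")


def encode_fields(*fields: str) -> bytes:
    """Length-prefix each field so different (host, user) pairs never collide."""
    out = b""
    for field in fields:
        raw = field.encode("utf-8")
        out += len(raw).to_bytes(4, "big") + raw
    return out


def derive_site_password(key: bytes, host: str, username: str,
                         max_len: int, counter: int = 1) -> str:
    """HMAC-SHA512 over host, username and counter, cut to the site's limit.

    The counter lets one site's password be rotated without changing the
    master secret, which a purely deterministic scheme otherwise cannot do.
    """
    if max_len < 1:
        raise ValueError("max_len must be at least 1")
    message = encode_fields(host.strip().lower(), username, str(counter))
    digest = hmac.new(key, message, hashlib.sha512).digest()
    text = base64.b64encode(digest).decode("ascii").rstrip("=")
    return text[:min(max_len, MAX_CHARS)]


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    key = stretch_master("constructed master passphrase", "constructed-salt")
    print(derive_site_password(key, "example.com", "alice", 20))
    print(derive_site_password(key, "example.com", "alice", 20, counter=2))
    # Two different accounts that plain concatenation cannot tell apart:
    print(naive_message("example.com", "alice") ==
          naive_message("example.co", "malice"))
```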
If you want something that has a lot of configuration abilities, look at Remote Desktop Manager. It is a commercial utility, but has a free version. It handles not just SSH, but RDP, VNC, Apple Remote Access, and a ton of other protocols.
Both mechanical and electronic locks have good and bad points. A good mechanical system, if done by a locksmith who knows what they are doing with software to allow for proper keying, a lock mechanism that is reasonably high security [1] and allows a ton of different keys, and quick responsiveness (if a guest leaves with a key, change the lock.) If this is done, the lock mechanism can be simple, yet very secure. I remember one place where when you closed the door, it threw the deadbolt, which was easily opened from the inside by the door knob. This lock couldn't be opened with a credit card.
Electronic locks may be easier to "rekey", but instead of picking, there is bypassing, and there tend to be as many ways to bypass a certain model of electronic lock (if not more) as there are for mechanical locks. For a smaller place that can't really have a locksmith on duty, electronic locks (with everything kept offline) are arguably the best option, but for a five star place, maybe having a high security key to hand to a guest would be a better option.
[1]: Most US door locks are shit. Five tumblers, maybe six. It actually is astounding why something like Medeco, Abloy PROTEC, Mul-T-Lock M3+, Evva MCS, or some other high security brand is not used as a standard. Even China has gone wild with dimple locks with at least 10+ security pins. When I mean high security, even something like Medeco3 which can be opened by a good locksporter would suffice, but the ideal would be an Abloy PROTEC2 or EVVA MCS where there are no known tools (other than a drill) to open the lock.
You are right on this. The simple concept of attack surface is the issue here. Offline, it takes physical access to a reader (which can be done), or physical access to the hotel network or the admin PC. Online, anyone in the world can attack it. Offline, police are relatively excellent at finding traces of a physical intruder and nailing them, while online, unless the person is extremely sloppy or they ticked off someone with enough money to hunt them down, they won't get caught.
Physical security devices should never be allowed on the Internet, period. Firmware updates should be signed, downloaded through an SD card, and updated via a manual basis, with a way to undo the update should it foul things up. If Compaq Deskpros and ProLiant machines in 1995 could do this, then machines made 20 years later can be made to be far more secure. I like the idea of a deadbolt that can tell if it is open or not... perhaps with the ability to lock from remote (but never unlock), but even that can be a hazard, since a would-be thief who gets access can just set a poll and alert him/her when the door is unlocked for a certain period of time.
I do agree for a hotel that keycards are a step above physical keying systems, but there can be a balance. Assa-Abloy has Abloy PROTEC2 locks with part of it being electronic (CLIQ). That way, there is both physical resistance to picking, as well as the ability to block a key from being used. This isn't cheap, but for a five star hotel, they can well afford a good locking system for their guests.
That is a good thing, and I am glad I am wrong here. Previously, I remember Apple disallowing programs that affected kernel level functionality. If Parallels can put their virtualization setup on the App Store, then I don't see why all Mac developers should not use the store. I would assert that stores or repositories are very beneficial in combatting Trojans, assuming they are well curated and bad software is removed quickly with the developer getting tossed.
In the Linux world, I've found it very rare that I download a program outside a repository. The only exceptions are some very specific utilities that address a narrow market, and Borg Backup, which the latest version doesn't seem to wind up in EPEL or the latest Ubuntu updates.
As for Windows, Microsoft needs to consider a push to have their store be similar. The days of downloading some program from Cnet or a BBS are long gone when it comes to security, for the most part.
Of course, there is a downside... I fear that doing this might get OS makers to block sideloading of programs. Ideally, sideloading should be allowed, but in very rare circumstances.
Mac security improved greatly when OS X took the field. Before that, especially with system 6/7, you could actually have a code segment sitting on a SCSI drive that would load and execute with all permissions. This was used for security software (FileGuard, A. M. E., Empower) to have a driver for on the fly encryption, and thankfully it was never used for ill (AFAIK), but the early Mac operating systems had a lot of infection vectors (WDEF... insert a floppy, bam infected, for example.)
OS X (i.e. NeXTStep with a Mac UI) was pretty good in the security department, and got a lot better, especially with the MAC/DAC stuff added in. However, nothing is 100% secure, and no desktop OS can protect against a Dancing Bunnies attack.
What does help would be more macOS developers using Apple's store instead of offering downloads on their websites. This way, users are trained that if they are asked to go outside the established mechanism, they should be extremely wary... or just say "no". The exceptions are programs that Apple doesn't allow, such as low level utilities (Little Snitch, VMWare Fusion, etc.)
In any case, Apple should be proactive and revoke the signing key of any proven adware maker.
Everyone has their own style, but I've used NFC (or more specifically Apple Pay) quite often. For all but some vending machines with a bum transceiver, it works well.