I would argue that banking apps on a phone might be more secure than on a PC. Mainly because done right, a phone has far less chance of getting malware that can access the banking app's jail or directory than rogue software running as a user context on a user's PC. Nothing is 100%, of course.
Late 2015, I bought a HTC One A9, which is an entry-level phone. The default ROM ships with/data encrypted by default but with no authentication. During setup, when one set the PIN and such, it would change the stored password. When moving to a CM/LineageOS ROM,/data was not encrypted, but that was not too difficult to fix up. Samsung phones also ship with/data encrypted as well.
As for Sudo, the closest to that would be SuperSU or something similar. There are no real weaknesses for having a rooted phone, because modern su apps check other app manifests for the priv to use su in any way, then when the app in question wants to use root, it will prompt the user.
With both Android and iOS, the device will ship encrypted, and all one has to do is set the PIN and fingerprint. Updates are generally done automatically, with OS updated being the only real thing that is prompted for, and that usually takes a click or two.
With updates being pretty much automatic, there isn't much to do as a user, for the most part, other than periodically checking that the iCloud or Titanium Backup image was successful.
Yes, it can be banned. However, the extremist ideology (regardless of left or right) only festers. Germany may get FB to ban it, but there will be sites that it will move to. For example, last year when FB did a mass purge of gun buying/sales sites, all that stuff just went to MeWe. When Twitter banned the Breitbart guy, Gab formed. Look at how the Pirate Bay has been hunted down by some of the richest people, groups, companies, and governments in the world, and they still pop back up in some form. Banning free speech can be done, but it will take a lot of government resources to actually make it effective.
Worst case, the companies serving the German subscribers keep their servers in Russia or someplace outside of the German government's reach.
If someone is killed by an AI, it is a freak accident that makes the news and horror stories. It someone is killed by a drunk, it is considered an every day thing. However, in both cases, dead is dead.
At least an AI can be improved, the guy who has no license, four priors, and is driving a car titled under a family member's name isn't going to become a safer driver.
I think you summed up well what is wrong with Pandora.
I would say that the only music store that actually was consistently good at introducing new stuff in a genre would have been Microsoft Urge, as it was a joint effort between MTV and Microsoft, and at the time, the "M" in MTV was still relevant.
What we need is a throwback to the original Pandora. Stay within a genre, and if it is intended to be an instrumental genre, don't toss in something completely irrelevant.
Thanks for the pointer to Jango. One of Pandora's pluses was the ability to find new bands that were actually relevant, and not were just paid promos. For example, if I'm listening to jazz, I don't want Nickelback or Coldplay popping up next, because some promoter paid for their songs to be in every list.
On Macs, the default passwords generated by the macOS PW generator in the KeyChain app are two words with some numbers or symbols between and around them. This is close to ideal, because it is unpredictable enough to help fight off brute forcing, but memorable enough so the password can be typed in without a PW manager.
The problem is getting VCs. Last time I approached investors for something new, they wanted me to be able to get them richer on the way out if they hopped on and decided to leave at any time, and anything less, don't bother. Another VC said he was either interested in data going into the company, ads coming out of the company, and anything else is not worth his time, and mentioned the Meitu app as the ideal product.
So, trying to get venture capital is tough these days. Crowdfunding is a good solution. You design a cool product, crowdfund it, ship it, and now you have the capital and profit needed to run your startup without some guy stepping in with 51+ percentage of the firm demanding that every widget be made as cheaply as possible, every single programmer be offshored, and every IT person be an H-1B from a contract house.
What other ways are there to get funded? The credit market is tight.
I would say crowdsourcing is a good way to get what is needed. Yes, I do agree that crowdsourcing isn't 100%... but what is, these days?
Sometimes I wonder about a type of insurance that is obtained during the crowdfunding, similar to a surety bond. If a crowdfunding company fails, the insco would be the ones who would refund the would-be buyers. Of course, it won't be cheap, but it would give peace of mind.
Ages ago, there used to be a company that sold password managers, which were completely airgapped. If you wanted to add a PW, you used the device to toss it in. It also had good security -- more than "x" amount of wrong guessed PINs, the device fried itself.
I'd say there is a market for this still. Make an Android device with a low res camera, no antennas of any sort other than wireless charging.
Then, one can use the camera to scan in passwords from the PC, or just type them in directly on the device. For backups, the device can generate QR codes, which another device can scan off and save. The device can then be hardened from there on out (a TPM used for physical security, a glass case with metallic paint on the inside [1], that if broken would zero master keys, etc.). Of course, it would require the ROM be perfect the first time, as updates would be difficult, but done right, it would be a secure device overall.
[1]: The paint would be for RF insulation. Perhaps add mesh for a Faraday cage as well.
This is the goal of both Windows and Linux, long term. The goal is to have virtual servers you configure once with a ruleset, then chuck and rebuild instead of trying to upgrade and maintain. Knowing the "pets versus cattle" aspect can score someone a job in an interview versus a hearty "thank you... next in line, please."
As time goes by, PowerShell is only going to get more emphasis, just because it is far easier to add cmdlets than to add usable GUI functionality.
The difference in a typical Linux distro (as opposed to Linux proper, which is just the kernel) versus Android is the userland. Different libraries, etc. For example, on Android, usually a form of Busybox is often the shell, because it is a statically linked executable and requires nothing else to be installed.
Android and its security model isn't bad, although it would be nice if it were designed from the ground up with "ask on first use" permissions, as opposed to having them strapped on in a recent rev of the OS.
I'd love to see some additional container and virtualization aspects for Android. It would be nice to be able to keep multiple userlands, all separate from each other, on a phone or tablet. That way, if home stuff is compromised, work stuff is still OK. Bonus if the hypervisor's FS has deduplication built in, so each userland would have relatively low overhead.
I was reading that someone made a translator that could take the VGA signal from games made for CRTs, and "convert" it to display accurately on LCD monitors, where the fringing aspect (as in Apple ][s) was accurately simulated. Perhaps this might be the way to go.
People pay 10 times the price for LiFePO4 batteries than lead-acid batteries for their RV because it means more usable electricity, and the cost is a relatively minor part of the equation.
As for $100 more for a phone, already did so. The external battery case I have cost that much... and is well worth it.
It may be more expensive, but battery life is such a limiting factor on many things, that any way to expand on energy stored per volume will be used, even if the cost is a lot more.
There are more than just end consumers (who are viewed as suckers) who want a better battery. Companies making electric vehicles, aviation companies, armed forces of various countries, computer makers, pretty much almost any organization or company out there needs better battery technology. This would make a lot of things possible which are at best borderline now.
Cold areas also have spots that offer receptacles for engine block heaters. I wouldn't be surprised to see something similar offered for batteries, perhaps with a low current charger as well, to keep the SoC maintained.
It comes and goes. Amazon is looking to get into the brick and mortar department, Wal-Mart is booming, and Target isn't doing too bad. Specialty stores will always be something that hits malls (places like Wet Seal or Hot Topic are never going away), but the big retail chains will always be in flux. I'm sure 20 years from now, the Sears Auto shop may be gone, but there will be an Amazon Auto that replaces it, offering 24/7 service, and offering specials for self-driving cars.
I still do. CDs are a compromise between having a usable electronic medium that one can rip tracks from, as well as a decent space for album art and lyrics on the jewel case and inserts.
Windows 10 Enterprise has that functionality coming up.
I do this anyway... have a VM just for running the browser under. This way, if/when it gets nuked, a rollback to a snapshot cures it. Running ad blocking software doesn't hurt either.
I like Google, but this is yet another half-assed "standard". AT&T, T-Mobile and Verizon are not on board, there is no endpoint encryption, and it looks like it can be another vector for exploits because of "rich" content (i.e. ads.)
Heck with this. Give me something like Signal or TextSecure as a messaging app which stores received stuff encrypted.
How about this be the way for more items? Charge 10-15% more for something across the board, and not nickel and dime after the sale. It means more money overall anyway.
Slashdot Mirror
I would argue that banking apps on a phone might be more secure than on a PC. Mainly because done right, a phone has far less chance of getting malware that can access the banking app's jail or directory than rogue software running as a user context on a user's PC. Nothing is 100%, of course.
Late 2015, I bought a HTC One A9, which is an entry-level phone. The default ROM ships with /data encrypted by default but with no authentication. During setup, when one set the PIN and such, it would change the stored password. When moving to a CM/LineageOS ROM, /data was not encrypted, but that was not too difficult to fix up. Samsung phones also ship with /data encrypted as well.
As for Sudo, the closest to that would be SuperSU or something similar. There are no real weaknesses for having a rooted phone, because modern su apps check other app manifests for the priv to use su in any way, then when the app in question wants to use root, it will prompt the user.
With both Android and iOS, the device will ship encrypted, and all one has to do is set the PIN and fingerprint. Updates are generally done automatically, with OS updated being the only real thing that is prompted for, and that usually takes a click or two.
With updates being pretty much automatic, there isn't much to do as a user, for the most part, other than periodically checking that the iCloud or Titanium Backup image was successful.
Like 1984 comes to life, Animal Farm also holds heavy relevance in today's political climate.
Yes, it can be banned. However, the extremist ideology (regardless of left or right) only festers. Germany may get FB to ban it, but there will be sites that it will move to. For example, last year when FB did a mass purge of gun buying/sales sites, all that stuff just went to MeWe. When Twitter banned the Breitbart guy, Gab formed. Look at how the Pirate Bay has been hunted down by some of the richest people, groups, companies, and governments in the world, and they still pop back up in some form. Banning free speech can be done, but it will take a lot of government resources to actually make it effective.
Worst case, the companies serving the German subscribers keep their servers in Russia or someplace outside of the German government's reach.
If someone is killed by an AI, it is a freak accident that makes the news and horror stories. It someone is killed by a drunk, it is considered an every day thing. However, in both cases, dead is dead.
At least an AI can be improved, the guy who has no license, four priors, and is driving a car titled under a family member's name isn't going to become a safer driver.
I think you summed up well what is wrong with Pandora.
I would say that the only music store that actually was consistently good at introducing new stuff in a genre would have been Microsoft Urge, as it was a joint effort between MTV and Microsoft, and at the time, the "M" in MTV was still relevant.
What we need is a throwback to the original Pandora. Stay within a genre, and if it is intended to be an instrumental genre, don't toss in something completely irrelevant.
Thanks for the pointer to Jango. One of Pandora's pluses was the ability to find new bands that were actually relevant, and not were just paid promos. For example, if I'm listening to jazz, I don't want Nickelback or Coldplay popping up next, because some promoter paid for their songs to be in every list.
On Macs, the default passwords generated by the macOS PW generator in the KeyChain app are two words with some numbers or symbols between and around them. This is close to ideal, because it is unpredictable enough to help fight off brute forcing, but memorable enough so the password can be typed in without a PW manager.
The problem is getting VCs. Last time I approached investors for something new, they wanted me to be able to get them richer on the way out if they hopped on and decided to leave at any time, and anything less, don't bother. Another VC said he was either interested in data going into the company, ads coming out of the company, and anything else is not worth his time, and mentioned the Meitu app as the ideal product.
So, trying to get venture capital is tough these days. Crowdfunding is a good solution. You design a cool product, crowdfund it, ship it, and now you have the capital and profit needed to run your startup without some guy stepping in with 51+ percentage of the firm demanding that every widget be made as cheaply as possible, every single programmer be offshored, and every IT person be an H-1B from a contract house.
What other ways are there to get funded? The credit market is tight.
I would say crowdsourcing is a good way to get what is needed. Yes, I do agree that crowdsourcing isn't 100%... but what is, these days?
Sometimes I wonder about a type of insurance that is obtained during the crowdfunding, similar to a surety bond. If a crowdfunding company fails, the insco would be the ones who would refund the would-be buyers. Of course, it won't be cheap, but it would give peace of mind.
Ages ago, there used to be a company that sold password managers, which were completely airgapped. If you wanted to add a PW, you used the device to toss it in. It also had good security -- more than "x" amount of wrong guessed PINs, the device fried itself.
I'd say there is a market for this still. Make an Android device with a low res camera, no antennas of any sort other than wireless charging.
Then, one can use the camera to scan in passwords from the PC, or just type them in directly on the device. For backups, the device can generate QR codes, which another device can scan off and save. The device can then be hardened from there on out (a TPM used for physical security, a glass case with metallic paint on the inside [1], that if broken would zero master keys, etc.). Of course, it would require the ROM be perfect the first time, as updates would be difficult, but done right, it would be a secure device overall.
[1]: The paint would be for RF insulation. Perhaps add mesh for a Faraday cage as well.
This is the goal of both Windows and Linux, long term. The goal is to have virtual servers you configure once with a ruleset, then chuck and rebuild instead of trying to upgrade and maintain. Knowing the "pets versus cattle" aspect can score someone a job in an interview versus a hearty "thank you... next in line, please."
As time goes by, PowerShell is only going to get more emphasis, just because it is far easier to add cmdlets than to add usable GUI functionality.
The difference in a typical Linux distro (as opposed to Linux proper, which is just the kernel) versus Android is the userland. Different libraries, etc. For example, on Android, usually a form of Busybox is often the shell, because it is a statically linked executable and requires nothing else to be installed.
Android and its security model isn't bad, although it would be nice if it were designed from the ground up with "ask on first use" permissions, as opposed to having them strapped on in a recent rev of the OS.
I'd love to see some additional container and virtualization aspects for Android. It would be nice to be able to keep multiple userlands, all separate from each other, on a phone or tablet. That way, if home stuff is compromised, work stuff is still OK. Bonus if the hypervisor's FS has deduplication built in, so each userland would have relatively low overhead.
I was reading that someone made a translator that could take the VGA signal from games made for CRTs, and "convert" it to display accurately on LCD monitors, where the fringing aspect (as in Apple ][s) was accurately simulated. Perhaps this might be the way to go.
People pay 10 times the price for LiFePO4 batteries than lead-acid batteries for their RV because it means more usable electricity, and the cost is a relatively minor part of the equation.
As for $100 more for a phone, already did so. The external battery case I have cost that much... and is well worth it.
It may be more expensive, but battery life is such a limiting factor on many things, that any way to expand on energy stored per volume will be used, even if the cost is a lot more.
A HDMI cable works on the TV as well as the monitor. In fact, I wind up using my TV as a way to watch YouTube more than I do regular broadcasting.
There are more than just end consumers (who are viewed as suckers) who want a better battery. Companies making electric vehicles, aviation companies, armed forces of various countries, computer makers, pretty much almost any organization or company out there needs better battery technology. This would make a lot of things possible which are at best borderline now.
This is the guy who helped invent the lithium battery in the first place. I don't think he is doing fringe science.
Cold areas also have spots that offer receptacles for engine block heaters. I wouldn't be surprised to see something similar offered for batteries, perhaps with a low current charger as well, to keep the SoC maintained.
It comes and goes. Amazon is looking to get into the brick and mortar department, Wal-Mart is booming, and Target isn't doing too bad. Specialty stores will always be something that hits malls (places like Wet Seal or Hot Topic are never going away), but the big retail chains will always be in flux. I'm sure 20 years from now, the Sears Auto shop may be gone, but there will be an Amazon Auto that replaces it, offering 24/7 service, and offering specials for self-driving cars.
I still do. CDs are a compromise between having a usable electronic medium that one can rip tracks from, as well as a decent space for album art and lyrics on the jewel case and inserts.
Windows 10 Enterprise has that functionality coming up.
I do this anyway... have a VM just for running the browser under. This way, if/when it gets nuked, a rollback to a snapshot cures it. Running ad blocking software doesn't hurt either.
Signal by Open Whisper Systems. Simple, straightforward, and works well.
I like Google, but this is yet another half-assed "standard". AT&T, T-Mobile and Verizon are not on board, there is no endpoint encryption, and it looks like it can be another vector for exploits because of "rich" content (i.e. ads.)
Heck with this. Give me something like Signal or TextSecure as a messaging app which stores received stuff encrypted.
How about this be the way for more items? Charge 10-15% more for something across the board, and not nickel and dime after the sale. It means more money overall anyway.