Why not add a duress password, perhaps? That, and hide the fact that trip mode is on, don't show a timer. Another way to deal with trip mode is to allow for non-trip-mode access only through a user settable range of IP addresses. Leave that range, the functionality set gets reduced. This way, if one is in Lower Elbonia, there is little to nothing the local goons can do to get full access to someone's profile, especially if the user uses 2FA.
I would be happy with a mini rack/blade system about the size of a HP MicroServer, with the ability to add 4-8 of these CPU boards in it as blades, each board having a SSD big enough to load a Linux distro or ESXi... and one has a nice CPU farm that doesn't take much space, but can run a lot of lightweight VMs very economically.
There used to be an app for Android called TextSecure. It was close to an ideal for messaging as one could get, because it did end to end encryption, no ads, could store texts encrypted, and so on. Wish it were still around.
There are tons of apps that did this on iOS and Android. Of course, the app had a good chance of sending the pic to an upstream provider where the editing was done, but hey, people are happy to trade everything for "free" stuff.
HTC actually used to do this. The HTC Wizard I had was branded a T-Mobile MDA. It might be a good idea for them to get with retail stores and make house brand phones.
I always get a bit nervous when ad formats change. Things like ads which have to be interacted with, every 5-10 minutes (thankfully uBlock Origin + Tampermonkey take care of those.) I'm just waiting for ads which require software to download and run with root/admin rights in order to be able to view a website, similar to the "pr0n viewer codecs" of yesteryear.
As for YouTube, between the Red subscription (which is nice for saving lots of stuff offline), and ad blockers, it hasn't been a problem, but I wonder what the 30 second ads will be replaced by.
Maybe I am one of the few people who have had very good luck with their phones. My first HTC phone was a HTC Wizard over eleven years ago. It lasted four years, the battery lasted a week on standby, and its dual-core TI OMAP could easily be overclocked. At the time Windows Mobile applications were decent, although it requires a stylus.
I have bought a few HTC devices, and have been happy with them. All still work, and the only reason I set them aside was for an upgrade. For example, my el cheapo HTC A9 is still going strong, especially with CM/LineageOS.
The nice thing about HTC is that all their devices are unlockable, bootloader wise. Yes, if you want to SIM unlock, you might have to use the Sunshine S/OFF app, but $25 separating you from an unlocked device... that isn't too bad.
Feature-wise, I've not found anything HTC devices lack that other brands have. The camera has been decent, the phone responsive, the fingerprint scanner accurate... everyday things are well up to snuff. Since I always use a case for my phones, I'm not as worried about feel.
From a security point of view, the devices are made in Taiwan, not China, which may not mean much, but it makes the devices feel more trustworthy.
As for the market, maybe HTC should have another line for budget phones. HTC for the flagship lines, then have a different company or subsidiary to run head to head against Huawei, BLU, and other competitors in that field. HTC can curry favor with the prime telcos in countries, while the lower-end subsidary can focus on getting their devices into the Tescos, Poundlands, Family Dollar, and other stores.
I don't think abandoning budget phones is a good idea. Mainly because there is a market for VWs as well as Mercedes. Blu Mobile is doing very well for example.
It is about marketing. I would say there is a niche for a cellphone maker that cozies up to retailers like Dollar General, Poundland, as well as MVNOs. Phones are getting "good enough" that a flagship phone isn't that much more useful than a midrange or even entry level device. So, instead of trying to dictate terms and be subject to the whims of the carriers, sell unlocked phones that work on the carriers, and find places at retail stores where people may not want the latest and greatest flagship device... but would buy something at a decent price.
This. Once a video hits the Internet, be it YouTube, Facebook, or some other source, effectively it can wind up on TV or become someone's propaganda tape. With Facebook, the users are the product; not the customers, so it is no wonder why the EULA is clear in allowing FB to do what they so please to whatever is stashed or uploaded.
If you want to compare TOS listings... the difference between my paid E-mail provider and my Gmail account is quite noticable. My paid provider says quite bluntly that they do not use any filter or search engine for ads on incoming E-mail, and that E-mail belongs to the end user, not them, and is only accessed by the mail provider in a limited number of circumstances.
You do get what you pay for. I keep Gmail around, but if I'm doing professional work, it goes to the Exchange hosted account.
This makes sense. If a company is turning enough revenue to keep people employed, is there a real reason to grow? For hundreds of years, mom and pop shops have done business with a constant level of customers, where growth is nice, but not something that was a must. No grow-or-die focus as it is now.
The problem is that since the 1990s, everyone feels the crash. Only a few see the recovery. When the economy tanked in 2000, for a lot of the US, it stayed tanked because the manufacturing jobs and steel mills went overseas. In 2008 when we had the economy crash, tech sector jobs have improved, but in reality, for most other sectors, there has not been that much, if any improvement. If other sectors see it, it is spillover from the tech sector (new BMWs, housing going up), or from other countries buying up land in the US.
I would say the economy peaked last summer, when in June and early July, there were hundreds of DevOps job postings for the local area I am in (Austin, TX). In six weeks, the number of those was reduced by over 90%.
We do have a few bubbles that may pop. First, the only thing that VCs are spending a dime on are companies that either push ads, suck data (analytics), or both. Even cloud computing hit a zenith in the past year where HP left the cloud market, and Rackspace got bought out. The uncertainty about the elections has also shaken people, and that might just have been enough to start an economic slide. To boot, OPEC is back with a vengence, and oil is climbing, which is also a drag on the economy.
Then, there is the final nail in the coffin. The Fed waiting to raise interest rates.
I'm seeing an across the board belt tightening. Public places have hiring freezes. Private companies are looking at technologies like Amazon Lambda [1], serverless technologies, and wholesale, "damn the torpedoes, full speed ahead" moves to AWS. AWS may be more expensive, but in a lot of PHB's heads, even if it costs more, reducing headcount is more important, because of the immediate cost savings.
I think as uncertainty goes on and it goes to outright unrest, the economy is going to not fare well. Especially with so many people disliking the current administration and are willing to monkeywrench to see that it doesn't do well.
[1]: The main attraction for Amazon Lambda is that companies can fire their OS, DBAs, and hardware guys, and just have someone doing IAM as the "IT department" with devs doing everything else.
Same. I can do a lot on OSX for developing, including using ansible and Vagrant for development projects. If that gets taken away, then I pretty much forced to Linux or Windows (and perhaps WSL). I hope the fact that iOS apps need macOS to write code on makes locking down macOS a thing that won't happen, but with the encroachment and attempts to lock down desktop boxes in general, I wouldn't be surprised by an effort like this.
When the breach happens, they care about one thing: Who "caused" it. They want to shitcan someone, say the problem is solved because the parties responsible are no longer working there, and continue on the same way, fundamentally insecure as before. Bonus points if they decide to bother running as a DA: "dsquery user | dsmod user -mustchpwd yes" so they can tell the press that "security precautions were taken."
Even repeated breaches won't change this behavior, because it is a cost of doing business.
That has been the norm with AT&T and T-Mobile for a while. Historically, providers shipped phones that were locked to their network, even phones that were purchased in full. However, there is a market for unlocked phones, especially people who find that they don't really need a flagship device for day to day use, and can save the C-notes. Blu Mobile devices come to mind for example.
Phones are getting to a point where, similar to hand tools, there is more than enough room for Harbor Freights in addition to the MAC and Snap-On companies. Especially with phones getting to a point where even a low end phone is "good enough" for most everyone.
This gets me wondering about another avenue in the US market:
Hell with the carriers, make unlocked phones that work on all four as well as the MVNOs. Make the deals with retailers. A low cost phone from Dollar General that works everywhere (just needing a SIM card from a carrier) may be a lot more useful to a lot of the people out there than trying to buy a package deal from a carrier.
Heck, it might be wise to make a deal with MVNOs, because it may not be the "prime" market segment... but there is money to be made selling Chevies as well as Cadillacs, and making decent phones at a low price might be a market niche worth pursuing. Especially because Android is pretty much a commodity item, other than the $3 a company has to give to Microsoft for exFAT and other patents.
This would be a win/win for retailers, consumers, and Huawei. This makes the carrier the commodity.
Which Nokia? The real Nokia which bought Alcatel-Lucent is making money hand over fist with their network management software and routers. In fact, good luck doing carrier-grade level networking without A-L hardware. Cisco isn't bad, but there is a difference between enterprise and carrier grade. Nokia also has device management software. They also have their own "carrier grade" cloud service (Cloudband) and are doing well with that.
People think Nokia was just the smartphone company... but realistically, they are doing quite well... the fact that they are not as visible to the end consumer doesn't change much.
The later revs of macOS try to do this with SIP (system integrity protection). Does it work? I've not read anything showing that it has been compromised, but it is a software solution like SELinux, so there is probably a way to bypass it.
What I would like to see is taking that a step further and having all operating systems run on thin hypervisors (think Hyper-V, ESXi, KVM, or whatnot.) That way, a web browser can be in its own separate VM with a separate filesystem, banking data can be in another VM, and general documents in yet a third, with a decent UI allowing for seamless operation, but yet preserving separation (like having a warning dialog if cutting/pasting between VMs.)
I wish Apple would add TPM support to the SMC. That way, there wouldn't be this preboot phase with FileVault as there is now, unless TPM cannot unseal the key, and the machine would remain secure. Add a pre-boot PIN or USB flash drive (similar to BitLocker), and it would provide solid security.
Good luck with that, MS. The adversaries out there are not just nations who might have something to gain by playing fair or following rules due to game theory, but terrorist groups, criminal organizations, heck, even disaffected college students. Unlike conventional weapons that require expensive physical objects, a massive DDoS can be launched from a cast-off 486 as the top level command console as it can from a high-end supercomputer.
The main focus needs to be on "Great Wall of xxx", "xxx" being the country. If this isn't thought of now, it will be done by the government when some cyber-terrorism event happens that gets knee-jerk reactions going (think the USAPATRIOT act.) China has their Great Firewall. Iran is building their own Internet. Australia is in the process of building their nationwide firewall. Blocking attacks from other countries is going to be an issue sooner or later.
A second focus needs to be on LARTing IoT makers to follow a ground up security design. A hub (or hubs for redundancy) and spoke system, so IoT devices do their communication through a hardened hub that only allows the devices to communicate with what sites the signed manufacturer's manifest allows (and 0.0.0.0/0 is not allowed directly.) As it stands now, there is actually a punishment for IoT makers to design any security in their products. Mainly because if v1.0 has a security hole, when IoT maker makes 1.1, all the owners of Device 1.0 will upgrade or else face being pwned. If the IoT maker did updates, they would lose out on that revenue, plus to them, every dollar spent on security is a dollar with no ROI. Unless pressure is placed on IoT makers, we will be seeing exponentially worse DDoS attacks when every fridge, microwave, smart TV, sex toy, and doorbell be used for it.
I can see having one of these in the car or RV, with a cheapie prepaid SIM card that might need a small top-off every few months. Definitely worth having.
I do miss the $15 prepaid candybar Nokia phone. Only did basic texts and phone... but it worked well, and Nokia's UI for the feature phones is unmatched.
It may not replace turbine engines in fighter jets, but it will do a lot for general transportation. Over 1/3 of an IC engine's energy is lost through the exhaust pipe, and the rest by heat, so you might have 1/5 to 1/3 of the energy from the fuel being used to turn the crankshaft. An electric motor is lighter than an IC engine, takes up less space, and is 90% or more efficient. It also requires far fewer moving parts.
That is about right, especially in a car in 40 degree (C) weather here in Texas. Put a phone on a dash, and there is a good chance it will thermal shut down after 20-30 minutes after you leave your vehicle.
Home and grid storage are unique in their battery needs. Unlike transportation and portable devices, energy density by volume and by weight is less of an issue than the amount of charge cycles. NiFe batteries are solid performers, but being able to have better energy density, and not have to worry about watering the batteries or worrying about offgassing is a plus.
Of course, this by itself won't revolutionize things, but you pile up all the improvements happening with batteries, and we are actually getting somewhere. Once we get batteries within an order of magnitude of propane or gasoline with regards of energy density by volume, the transportation industry will be as radically changed as it was when the internal combustion engine did to the industry in the past century.
Slashdot Mirror
Why not add a duress password, perhaps? That, and hide the fact that trip mode is on, don't show a timer. Another way to deal with trip mode is to allow for non-trip-mode access only through a user settable range of IP addresses. Leave that range, the functionality set gets reduced. This way, if one is in Lower Elbonia, there is little to nothing the local goons can do to get full access to someone's profile, especially if the user uses 2FA.
I would be happy with a mini rack/blade system about the size of a HP MicroServer, with the ability to add 4-8 of these CPU boards in it as blades, each board having a SSD big enough to load a Linux distro or ESXi... and one has a nice CPU farm that doesn't take much space, but can run a lot of lightweight VMs very economically.
There used to be an app for Android called TextSecure. It was close to an ideal for messaging as one could get, because it did end to end encryption, no ads, could store texts encrypted, and so on. Wish it were still around.
FB keeps attention by having new "stickers" be used and pulling older ones.
Don't forget Meitu which has been insanely popular, and happily sends data overseas.
FB -- useful, because it is a core gathering point for people.
Snapchat? Useless.
WhatsApp? Useless. Photogene4 is far better, and is paid for.
There are tons of apps that did this on iOS and Android. Of course, the app had a good chance of sending the pic to an upstream provider where the editing was done, but hey, people are happy to trade everything for "free" stuff.
This isn't just Yahoo... Facebook does similar, and I wouldn't be surprised that other sites do the same thing. The info they have on you is an asset.
HTC actually used to do this. The HTC Wizard I had was branded a T-Mobile MDA. It might be a good idea for them to get with retail stores and make house brand phones.
I always get a bit nervous when ad formats change. Things like ads which have to be interacted with, every 5-10 minutes (thankfully uBlock Origin + Tampermonkey take care of those.) I'm just waiting for ads which require software to download and run with root/admin rights in order to be able to view a website, similar to the "pr0n viewer codecs" of yesteryear.
As for YouTube, between the Red subscription (which is nice for saving lots of stuff offline), and ad blockers, it hasn't been a problem, but I wonder what the 30 second ads will be replaced by.
Maybe I am one of the few people who have had very good luck with their phones. My first HTC phone was a HTC Wizard over eleven years ago. It lasted four years, the battery lasted a week on standby, and its dual-core TI OMAP could easily be overclocked. At the time Windows Mobile applications were decent, although it requires a stylus.
I have bought a few HTC devices, and have been happy with them. All still work, and the only reason I set them aside was for an upgrade. For example, my el cheapo HTC A9 is still going strong, especially with CM/LineageOS.
The nice thing about HTC is that all their devices are unlockable, bootloader wise. Yes, if you want to SIM unlock, you might have to use the Sunshine S/OFF app, but $25 separating you from an unlocked device... that isn't too bad.
Feature-wise, I've not found anything HTC devices lack that other brands have. The camera has been decent, the phone responsive, the fingerprint scanner accurate... everyday things are well up to snuff. Since I always use a case for my phones, I'm not as worried about feel.
From a security point of view, the devices are made in Taiwan, not China, which may not mean much, but it makes the devices feel more trustworthy.
As for the market, maybe HTC should have another line for budget phones. HTC for the flagship lines, then have a different company or subsidiary to run head to head against Huawei, BLU, and other competitors in that field. HTC can curry favor with the prime telcos in countries, while the lower-end subsidary can focus on getting their devices into the Tescos, Poundlands, Family Dollar, and other stores.
I don't think abandoning budget phones is a good idea. Mainly because there is a market for VWs as well as Mercedes. Blu Mobile is doing very well for example.
It is about marketing. I would say there is a niche for a cellphone maker that cozies up to retailers like Dollar General, Poundland, as well as MVNOs. Phones are getting "good enough" that a flagship phone isn't that much more useful than a midrange or even entry level device. So, instead of trying to dictate terms and be subject to the whims of the carriers, sell unlocked phones that work on the carriers, and find places at retail stores where people may not want the latest and greatest flagship device... but would buy something at a decent price.
This. Once a video hits the Internet, be it YouTube, Facebook, or some other source, effectively it can wind up on TV or become someone's propaganda tape. With Facebook, the users are the product; not the customers, so it is no wonder why the EULA is clear in allowing FB to do what they so please to whatever is stashed or uploaded.
If you want to compare TOS listings... the difference between my paid E-mail provider and my Gmail account is quite noticable. My paid provider says quite bluntly that they do not use any filter or search engine for ads on incoming E-mail, and that E-mail belongs to the end user, not them, and is only accessed by the mail provider in a limited number of circumstances.
You do get what you pay for. I keep Gmail around, but if I'm doing professional work, it goes to the Exchange hosted account.
This makes sense. If a company is turning enough revenue to keep people employed, is there a real reason to grow? For hundreds of years, mom and pop shops have done business with a constant level of customers, where growth is nice, but not something that was a must. No grow-or-die focus as it is now.
The problem is that since the 1990s, everyone feels the crash. Only a few see the recovery. When the economy tanked in 2000, for a lot of the US, it stayed tanked because the manufacturing jobs and steel mills went overseas. In 2008 when we had the economy crash, tech sector jobs have improved, but in reality, for most other sectors, there has not been that much, if any improvement. If other sectors see it, it is spillover from the tech sector (new BMWs, housing going up), or from other countries buying up land in the US.
I would say the economy peaked last summer, when in June and early July, there were hundreds of DevOps job postings for the local area I am in (Austin, TX). In six weeks, the number of those was reduced by over 90%.
We do have a few bubbles that may pop. First, the only thing that VCs are spending a dime on are companies that either push ads, suck data (analytics), or both. Even cloud computing hit a zenith in the past year where HP left the cloud market, and Rackspace got bought out. The uncertainty about the elections has also shaken people, and that might just have been enough to start an economic slide. To boot, OPEC is back with a vengence, and oil is climbing, which is also a drag on the economy.
Then, there is the final nail in the coffin. The Fed waiting to raise interest rates.
I'm seeing an across the board belt tightening. Public places have hiring freezes. Private companies are looking at technologies like Amazon Lambda [1], serverless technologies, and wholesale, "damn the torpedoes, full speed ahead" moves to AWS. AWS may be more expensive, but in a lot of PHB's heads, even if it costs more, reducing headcount is more important, because of the immediate cost savings.
I think as uncertainty goes on and it goes to outright unrest, the economy is going to not fare well. Especially with so many people disliking the current administration and are willing to monkeywrench to see that it doesn't do well.
[1]: The main attraction for Amazon Lambda is that companies can fire their OS, DBAs, and hardware guys, and just have someone doing IAM as the "IT department" with devs doing everything else.
Same. I can do a lot on OSX for developing, including using ansible and Vagrant for development projects. If that gets taken away, then I pretty much forced to Linux or Windows (and perhaps WSL). I hope the fact that iOS apps need macOS to write code on makes locking down macOS a thing that won't happen, but with the encroachment and attempts to lock down desktop boxes in general, I wouldn't be surprised by an effort like this.
When the breach happens, they care about one thing: Who "caused" it. They want to shitcan someone, say the problem is solved because the parties responsible are no longer working there, and continue on the same way, fundamentally insecure as before. Bonus points if they decide to bother running as a DA: "dsquery user | dsmod user -mustchpwd yes" so they can tell the press that "security precautions were taken."
Even repeated breaches won't change this behavior, because it is a cost of doing business.
That has been the norm with AT&T and T-Mobile for a while. Historically, providers shipped phones that were locked to their network, even phones that were purchased in full. However, there is a market for unlocked phones, especially people who find that they don't really need a flagship device for day to day use, and can save the C-notes. Blu Mobile devices come to mind for example.
Phones are getting to a point where, similar to hand tools, there is more than enough room for Harbor Freights in addition to the MAC and Snap-On companies. Especially with phones getting to a point where even a low end phone is "good enough" for most everyone.
This gets me wondering about another avenue in the US market:
Hell with the carriers, make unlocked phones that work on all four as well as the MVNOs. Make the deals with retailers. A low cost phone from Dollar General that works everywhere (just needing a SIM card from a carrier) may be a lot more useful to a lot of the people out there than trying to buy a package deal from a carrier.
Heck, it might be wise to make a deal with MVNOs, because it may not be the "prime" market segment... but there is money to be made selling Chevies as well as Cadillacs, and making decent phones at a low price might be a market niche worth pursuing. Especially because Android is pretty much a commodity item, other than the $3 a company has to give to Microsoft for exFAT and other patents.
This would be a win/win for retailers, consumers, and Huawei. This makes the carrier the commodity.
Which Nokia? The real Nokia which bought Alcatel-Lucent is making money hand over fist with their network management software and routers. In fact, good luck doing carrier-grade level networking without A-L hardware. Cisco isn't bad, but there is a difference between enterprise and carrier grade. Nokia also has device management software. They also have their own "carrier grade" cloud service (Cloudband) and are doing well with that.
People think Nokia was just the smartphone company... but realistically, they are doing quite well... the fact that they are not as visible to the end consumer doesn't change much.
The later revs of macOS try to do this with SIP (system integrity protection). Does it work? I've not read anything showing that it has been compromised, but it is a software solution like SELinux, so there is probably a way to bypass it.
What I would like to see is taking that a step further and having all operating systems run on thin hypervisors (think Hyper-V, ESXi, KVM, or whatnot.) That way, a web browser can be in its own separate VM with a separate filesystem, banking data can be in another VM, and general documents in yet a third, with a decent UI allowing for seamless operation, but yet preserving separation (like having a warning dialog if cutting/pasting between VMs.)
I wish Apple would add TPM support to the SMC. That way, there wouldn't be this preboot phase with FileVault as there is now, unless TPM cannot unseal the key, and the machine would remain secure. Add a pre-boot PIN or USB flash drive (similar to BitLocker), and it would provide solid security.
Good luck with that, MS. The adversaries out there are not just nations who might have something to gain by playing fair or following rules due to game theory, but terrorist groups, criminal organizations, heck, even disaffected college students. Unlike conventional weapons that require expensive physical objects, a massive DDoS can be launched from a cast-off 486 as the top level command console as it can from a high-end supercomputer.
The main focus needs to be on "Great Wall of xxx", "xxx" being the country. If this isn't thought of now, it will be done by the government when some cyber-terrorism event happens that gets knee-jerk reactions going (think the USAPATRIOT act.) China has their Great Firewall. Iran is building their own Internet. Australia is in the process of building their nationwide firewall. Blocking attacks from other countries is going to be an issue sooner or later.
A second focus needs to be on LARTing IoT makers to follow a ground up security design. A hub (or hubs for redundancy) and spoke system, so IoT devices do their communication through a hardened hub that only allows the devices to communicate with what sites the signed manufacturer's manifest allows (and 0.0.0.0/0 is not allowed directly.) As it stands now, there is actually a punishment for IoT makers to design any security in their products. Mainly because if v1.0 has a security hole, when IoT maker makes 1.1, all the owners of Device 1.0 will upgrade or else face being pwned. If the IoT maker did updates, they would lose out on that revenue, plus to them, every dollar spent on security is a dollar with no ROI. Unless pressure is placed on IoT makers, we will be seeing exponentially worse DDoS attacks when every fridge, microwave, smart TV, sex toy, and doorbell be used for it.
I can see having one of these in the car or RV, with a cheapie prepaid SIM card that might need a small top-off every few months. Definitely worth having.
I do miss the $15 prepaid candybar Nokia phone. Only did basic texts and phone... but it worked well, and Nokia's UI for the feature phones is unmatched.
It may not replace turbine engines in fighter jets, but it will do a lot for general transportation. Over 1/3 of an IC engine's energy is lost through the exhaust pipe, and the rest by heat, so you might have 1/5 to 1/3 of the energy from the fuel being used to turn the crankshaft. An electric motor is lighter than an IC engine, takes up less space, and is 90% or more efficient. It also requires far fewer moving parts.
That is about right, especially in a car in 40 degree (C) weather here in Texas. Put a phone on a dash, and there is a good chance it will thermal shut down after 20-30 minutes after you leave your vehicle.
Home and grid storage are unique in their battery needs. Unlike transportation and portable devices, energy density by volume and by weight is less of an issue than the amount of charge cycles. NiFe batteries are solid performers, but being able to have better energy density, and not have to worry about watering the batteries or worrying about offgassing is a plus.
Of course, this by itself won't revolutionize things, but you pile up all the improvements happening with batteries, and we are actually getting somewhere. Once we get batteries within an order of magnitude of propane or gasoline with regards of energy density by volume, the transportation industry will be as radically changed as it was when the internal combustion engine did to the industry in the past century.