Really? because most places I've lived it's 6:30-7:30 am since most people are getting to work at 8am. Of do you guys not have a lot of traffic up there?
One interesting conceit Amazon had to make for this to work with their ever-shifting pricing model is there are no prices in the catalog. You have to go online to see the current price.
Well it's a good way to make discovery easier. Trying to find stuff you don't know you want isn't the easiest on Amazon's site. A department specific catalog like this makes it a breeze. Plus it means you don't need to use a "device" to view it, and it's easy to share. Funny how it's always two steps forward one back.
I don't think it would be great for everything but this particular case it seems like a great idea. With department stores basically dead, and Toys 'R' Us gone (for now) it's really down to Walmart, Target, and Amazon competing for toy sales, and the first two already put toy out catalogs for Christmas.
Speaking of Apple, one big difference here is that iOS doesn't tie security updates to hardware the way Google is doing here (unless, of course, the particular issue is model specific). So if you have an old iPhone with a currently supported OS on it, it will get security updates for as long as Apple is releasing them for that version. I seems crazy that a Google branded Android device with a modern version of Android OS isn't going to get security updates for that OS now because the hardware and not the OS is out of support.
On some of the tested drives, the user's password isn't actually used to encrypt the key. Those same drives also have vendor-specific commands to run arbitrary code on the SSD's CPU, so you can bypass the password check and gain access.
Insane, no? It's 2018 FFS. This isn't some sophisticated attack on the encryption algo or freezing the RAM to extract keys, it's just purely inept engineering and shouldn't be happening in this day and age. It's damn infuriating.
If keys are stored in an encrypted enclave where it's easy to retrieve, or, worse, a drive uses a publicly available (it's in the manual!) then yea, it's useless. That's just too low of a level of effort for the attacks to consider it any more secure than an unencrypted disk.
It's sounding like the data isn't stored encrypted, just their implementation with the chip gives you the illusion it is so, and the exploit shows it.
Is this right?
No, it's wrong. The data is encrypted, however in one case, there is a hard-coded backdoor password, and in the other the keys are stores in non-encrypted storage.
It's like locking your front door but leaving the key under the mat. The door is locked, but it's not very useful at keeping people.
By this analogy, should music in styles not quite suitable for live performance cease to exist?
There isn't anything preventing it to exist. But don't ask me to pay real money for your imaginary property. Ditto for software, video games, movies, etc. Find another way to fund your hobby.
Those above, and the fact the first RDR was a beloved game by those who played it.
Bit off topic, but why aren't they releasing this on PC. I could see if it was on the 360 and PS3 as well, but it ain't
If I were a betting man I'd say you will see the PC version in Spring 2019.
...and while I give up some of my data to the company, what I get in return has sizable value...
Has the anti-apple vitriol really come to this? To arguing that trading your privacy away to Google is good as long as you get something nice in exchange because Tim Cook said it was bad? Really?
The All Writs act of 1798 is the law that Apple violated when they refused to comply with the district court order to help the FBI extract data from the San Bernardino shooter.
Nice try at misdirection, but I call your [citation needed] bluff.
Incorrect. Apple's argument wasn't "we don't want to" it was "we can't, we don't have the keys". They did comply and supplied all the info they had access to from iCloud and the like. The argument was over whether Apple should be required to try to hack their own OS, but this was never tested in court since the FBI didn't pursue it.
Uninstall tracking exploits a core element of Apple's and Google's mobile operating systems: push notifications. Developers have always been able to use so-called silent push notifications to ping installed apps at regular intervals without alerting the user -- to refresh an inbox or social media feed while the app is running in the background, for example. But if the app doesn't ping the developer back, the app is logged as uninstalled, and the uninstall tracking tools add those changes to the file associated with the given mobile device's unique advertising ID, details that make it easy to identify just who's holding the phone and advertise the app to them wherever they go.
They are uninstalled. No one really read the summary I guess.
Uninstall tracking exploits a core element of Apple's and Google's mobile operating systems: push notifications. Developers have always been able to use so-called silent push notifications to ping installed apps at regular intervals without alerting the user -- to refresh an inbox or social media feed while the app is running in the background, for example. But if the app doesn't ping the developer back, the app is logged as uninstalled, and the uninstall tracking tools add those changes to the file associated with the given mobile device's unique advertising ID, details that make it easy to identify just who's holding the phone and advertise the app to them wherever they go.
To where, exactly? If you've uninstalled the application, the unique ID that they may have had previously when you installed the app won't associate with a specific device.
They can target your device through mobile ad networks since they have the device advertising unique ID. So you uninstall the app and suddenly you start seeing ads for it in other ad-supported apps and possibly when you browse from the phone.
Slashdot Mirror
Peak morning rush hour commute time is 8:00 AM
Really? because most places I've lived it's 6:30-7:30 am since most people are getting to work at 8am. Of do you guys not have a lot of traffic up there?
One interesting conceit Amazon had to make for this to work with their ever-shifting pricing model is there are no prices in the catalog. You have to go online to see the current price.
Man I hated flipping through those as a kid to get to the toy section. Until one day I didn't.
Well it's a good way to make discovery easier. Trying to find stuff you don't know you want isn't the easiest on Amazon's site. A department specific catalog like this makes it a breeze. Plus it means you don't need to use a "device" to view it, and it's easy to share. Funny how it's always two steps forward one back.
I don't think it would be great for everything but this particular case it seems like a great idea. With department stores basically dead, and Toys 'R' Us gone (for now) it's really down to Walmart, Target, and Amazon competing for toy sales, and the first two already put toy out catalogs for Christmas.
Speaking of Apple, one big difference here is that iOS doesn't tie security updates to hardware the way Google is doing here (unless, of course, the particular issue is model specific). So if you have an old iPhone with a currently supported OS on it, it will get security updates for as long as Apple is releasing them for that version. I seems crazy that a Google branded Android device with a modern version of Android OS isn't going to get security updates for that OS now because the hardware and not the OS is out of support.
On some of the tested drives, the user's password isn't actually used to encrypt the key. Those same drives also have vendor-specific commands to run arbitrary code on the SSD's CPU, so you can bypass the password check and gain access.
Insane, no? It's 2018 FFS. This isn't some sophisticated attack on the encryption algo or freezing the RAM to extract keys, it's just purely inept engineering and shouldn't be happening in this day and age. It's damn infuriating.
If keys are stored in an encrypted enclave where it's easy to retrieve, or, worse, a drive uses a publicly available (it's in the manual!) then yea, it's useless. That's just too low of a level of effort for the attacks to consider it any more secure than an unencrypted disk.
...keeping people out. Or in. whatever.
It's sounding like the data isn't stored encrypted, just their implementation with the chip gives you the illusion it is so, and the exploit shows it.
Is this right?
No, it's wrong. The data is encrypted, however in one case, there is a hard-coded backdoor password, and in the other the keys are stores in non-encrypted storage.
It's like locking your front door but leaving the key under the mat. The door is locked, but it's not very useful at keeping people.
So what you are saying is, there may be a Link Between Parkinson's Disease and the Appendix .
By this analogy, should music in styles not quite suitable for live performance cease to exist?
There isn't anything preventing it to exist. But don't ask me to pay real money for your imaginary property. Ditto for software, video games, movies, etc. Find another way to fund your hobby.
Those above, and the fact the first RDR was a beloved game by those who played it. Bit off topic, but why aren't they releasing this on PC. I could see if it was on the 360 and PS3 as well, but it ain't
If I were a betting man I'd say you will see the PC version in Spring 2019.
Dude, don't get him started on Cloud...
...and while I give up some of my data to the company, what I get in return has sizable value...
Has the anti-apple vitriol really come to this? To arguing that trading your privacy away to Google is good as long as you get something nice in exchange because Tim Cook said it was bad? Really?
The All Writs act of 1798 is the law that Apple violated when they refused to comply with the district court order to help the FBI extract data from the San Bernardino shooter.
Nice try at misdirection, but I call your [citation needed] bluff.
Incorrect. Apple's argument wasn't "we don't want to" it was "we can't, we don't have the keys". They did comply and supplied all the info they had access to from iCloud and the like. The argument was over whether Apple should be required to try to hack their own OS, but this was never tested in court since the FBI didn't pursue it.
Uninstall tracking exploits a core element of Apple's and Google's mobile operating systems: push notifications. Developers have always been able to use so-called silent push notifications to ping installed apps at regular intervals without alerting the user -- to refresh an inbox or social media feed while the app is running in the background, for example. But if the app doesn't ping the developer back, the app is logged as uninstalled, and the uninstall tracking tools add those changes to the file associated with the given mobile device's unique advertising ID, details that make it easy to identify just who's holding the phone and advertise the app to them wherever they go.
Uninstall tracking exploits a core element of Apple's and Google's mobile operating systems: push notifications. Developers have always been able to use so-called silent push notifications to ping installed apps at regular intervals without alerting the user -- to refresh an inbox or social media feed while the app is running in the background, for example. But if the app doesn't ping the developer back, the app is logged as uninstalled, and the uninstall tracking tools add those changes to the file associated with the given mobile device's unique advertising ID, details that make it easy to identify just who's holding the phone and advertise the app to them wherever they go.
To where, exactly? If you've uninstalled the application, the unique ID that they may have had previously when you installed the app won't associate with a specific device.
They can target your device through mobile ad networks since they have the device advertising unique ID. So you uninstall the app and suddenly you start seeing ads for it in other ad-supported apps and possibly when you browse from the phone.
Huh, didn't even know GM made smartphones.
No, you said MD5. If you RTFA you would see they were talking about an older, even more insecure algo.
Well in any contract vagueness or mistakes favor the party that didn't write it, so broken EULA = no EULA.
Unfortunately no. When AOL purchased them, they sold off all the llamas to a sweater company in Denver.
You mean that $69 1080TI I bought from aliexpress isn't real?
Deprecate. Thank you.
Looks like Chrome, Safari, and Firefox are also planning to disparage and belittle TLS 1.0 and 1.1 in the first half of 2020.?
Oh I see: you are mental. Ok bye.