The WAY card chips get used in the US is different from Europe, even though it's (more or less) the same underlying hardware.
In the US, chips attest that SOMEONE (probably) had physical possession of the card at the time of a first transaction (as opposed to merely knowing its number, or cloning its mag stripe. In Europe, they go a step further & attest (via PIN) that the authorized user was likely to be the one who intended the transaction.
Contrary to popular belief, signatures do nothing to directly validate credit card purchases at the time of transaction. Nobody compares the signature on file or on the back, because it's too wildly unreliable in both directions -- they're easy for someone who's seen your signature to forge, and most people's signatures aren't consistent over time anyway.
The purpose signatures DO serve is to *massively* amplify the legal consequences of fraud if you do it and get caught.
The entire US financial system depends not (directly) upon transaction-time security, but on the ability of banks to absorb temporary & permanent losses so it can focus on after-the-fact retaliation & punishment (poor credit scores, penalty fees, clawbacks, lawsuits, and/or criminal prosecution) to deter abuse by most over the long term, regardless of what happens from day to day.
The problem with PIN codes gets amplified in the US, because WE tend to have people with lots of low & medium-limit cards. In places like Germany, someone is more likely to have only one or two cards with higher-than-US limits. Somebody with a dozen cards can't be expected to remember a dozen random PIN codes... they'll either use the same PIN for "everything", or write them down (both of which compromise their value to such a degree, they ultimately add little real security & lots of headachej anyway).
I have a Nexus 6P... rooted, running LineageOS. It shows only GPS and Glonass in ChartCross GPStest+. I'm dying to know which subsystem is responsible for enforcing the "this user is in the US, hide Galileo" rule.
The only thing I can think of is that it's part of the Qualcomm radio modem driver... the one opaque binary in the N6P's software stack. I can't see how it could be enforced by Android itself... the moment anyone at XDA saw a brazen difference in kernel code like "boolean galileoAvailable &= !inUS;", it would have been loudly & proudly ripped out and proclaimed as the ultimate l33t hack as a badge of honor within hours.
Insofar as legal authority goes, my guess is that the FCC implied Galileo-disablement as part of its phone certification requirements, and no mfr. wanted to risk delaying a phone by a month or more by failing certification over it by challenging the FCC's authority to enforce it (the industry is largely self-regulating... vendors pay accredited labs to certify compliance, and those labs generally take the view that "anything that MIGHT be forbidden IS considered to be forbidden." because they don't want to jeopardize THEIR OWN accreditation status.
Depending upon where you live, you can now possibly do *far* better than every 10 minutes. TDWR has had 1-minute reflectivity updates for tilt 1 from most/all sites during storm events for a couple of years, now, and 2-minute updates for other tilts.
Likewise, wsr88d radar now grabs an extra scan of the 0.5-degree tilt halfway through the scan (Google: "SAILS"). One thing I really don't understand, though... since the 0.5-degree sweep is the one most useful for tornado tracking, but (pre-SAILS) was ALSO the most "stale" data of any volume scan, why not just reverse the scan order, and do volume scans "top-down" instead of "bottom-up" (so the lowest tilt would have the freshest data of all)?
Likewise, since phased-array radar is still too expensive to use on large scale, why not go with a hybrid approach... keep the rotating antenna, but instead of a single parabolic antenna, make a smaller-scale phased array that does all the tilts from top to bottom simultaneously & rotates to do all the sweeps at once?
My biggest complaint with reduced legroom is the fact that in a crash, your likelihood of surviving is probably considerably less if your kneecaps are already touching the seat in front of you. If ANYTHING causes the seat in front of you to move, it's probably going to kill you as well as the passenger who was occupying that seat. At least when there's a few inches of legroom, the seat could get pushed back by an inch or two without shattering your kneecaps.
Admittedly, this might be an extreme edge case (airframe torn apart upon crashing, you end up alive in the first row that doesn't completely get crushed and shredded, survive the impact, and manage to climb out of the wreckage), but the alternative is pretty horrifying... surviving a crash long enough to spend several agonizing minutes with crushed kneecaps unable to escape, knowing that despite somehow surviving to that point, you were probably going to die a horrible fiery death anyway in 2-3 minutes.
This might work, but it would ONLY be an effective mitigation if:
1. Internet voting ended at least a day before in-person voting (so somebody couldn't coerce you into voting online 10 minutes before the polls closed to negate the possibility that you might go out the next day, vote in person, and cancel out your coerced vote).
2. There's literally NO public paper trail that would allow anyone besides an elections department employee (or maybe certain others, like journalists bound by nondisclosure agreements with teeth [as in, potential jail time for intentional violation] prohibiting the disclosure of any personally-identifying information about specific voters]. Specifically, "John Q. Public's final registered vote was at 6:32pm on November 6, 2018 at Precinct 12, polling site #249"
Privacy and nondisclosure aside, there's another reason to not allow internet voting during the final day -- as insanely bad as the robocalls and political spam text messages were this year, I shudder to imagine how bad they could be if candidates thought they might be able to persuade a few thousand more voters who didn't vote for them the first time around to re-vote online during the final minutes before the deadline if they thought it might somehow pick up a few more voters for them.
Technically, you could probably be really secretive about it without getting caught, but most people who try to do it don't try hiding it, so it's fairly easy for poll workers to catch them and inform them about the rule.
The intent isn't to enforce some draconian zero-tolerance rule or punish people... it's to give people who don't WANT to be forced to document their ballot an easy out, so they can tell anyone who tried to get them to provide proof of how they voted, "I tried, but the poll workers wouldn't let me".
Poll workers make a point of explaining the reason as well as the rule, because very few people are angry about it once they have the reason explained to them.
As a practical matter, few people who do it and get caught have much to re-do anyway when they're given their new ballot... in most cases, someone will get their ballot, fill out the first page with the highest-ranking offices (President, Governor, US Senate, US House of Representatives, etc), then proceed to photograph it with flourish (usually, squealing with glee rather loudly). I suppose someone who filled out 14 pages of offices THEN was told they had to start over would be pretty pissed... but like I said, in nearly all cases, if someone photographs their ballot, it almost always happens early, loudly, and proudly.
If someone REALLY got upset, even after having the rationale explained, they'd probably be allowed to cast the ballot anyway with little more than a shrug from the poll worker and a comment to the effect of, "Well, whatever. I tried to protect your rights, but I can't help if you won't let me. The ballot box is over there. Have a nice day."
> You can take a picture of your ballot with your phone.
Actually, in Florida, you can't. You can take a picture of *a* ballot. You can even take a picture of THE ballot given to you. But the moment you photograph a ballot, it's considered 'spoiled' and has to be exchanged for a fresh one.
There's a fundamental problem with online voting... and it would be a huge problem, even IF you could absolutely guarantee 100% security: it's a serious threat to secret ballots. Right now, in most places, if an ultra-frail person shows up to vote who needs assistance, they election officials will provide a poll worker to help them, but WON'T allow a family member or anyone else to accompany them, for that precise reason.
Right now, a husband and wife can easily cancel out each other's votes. If online voting is allowed, there's little to stop the spouse with more power in the relation ship (or who's less ambivalent about voting) from voting on the other's behalf after getting the spouse to log in.
There are other opportunities for coercion... say, an employer (or union, or any other group) who decides to "encourage voting" via the internet "right now" (in at least semi-public view, with at least some social pressure to vote the "right" way). Think: a politically-active church that, instead of marching its congregation off to early voting at a polling place nearby, passes around tablets after the second collection while encouraging people to vote the "right" way in front of their friends, neighbors, and family members.
Let's not forget the possibility of rounding up a bunch of poor people and offering to pay them $20 apiece if they come "vote online" and cast verified ballots for the "right" candidates.
THIS is why voting needs to occur in private, but in a public location where individual voters CAN'T be coerced by anyone.
The right to a secret, coercion-free ballot is absolutely fundamental. It's at least equal in importance with security, and is arguably part of "integrity". It's a fundamental problem with internet voting that simply CAN'T be solved.
Obviously, it's also a potential problem with absentee ballots sent by mail... the difference is, absentee ballots are an edge case, generally used by a relatively small number of voters. Yeah, there are some elections now held by mail only... but they're for local races that few people care about anyway. The more powerful the office, the greater the stakes.
Amazon is one of the largest companies in America. If something like an earthquake or impending volcanic eruption shut down Amazon's Seattle HQ, it would be DEVASTATING for both consumers AND vendors. As in, "could trigger a cascading chain of business failures & recession" devastating.
Mental image: September 11, 2001. 10:27am. IT guy who just escaped from the WTC South Tower, talking to someone: " Of COURSE we have an emergency data center. It's right over there... in the North Tower..."
Millennials didn't kill wristwatches. They just collectively became adults at the same point in time when everybody started using their phones as de-facto pocket watches.
I'm GenX. I wore a watch religiously until my watch battery died sometime around 2002 & never got replaced because it was too much of a hassle (special tool required) & I had my phone with me all the time anyway. I'm far from unique in this regard. Statistically, almost EVERYONE drifted into phone-as-watch-replacement at some point after they got a cell phone, their watch ceased to work (temporarily or otherwise), and fixing/replacing it was just too much of a hassle to bother with.
DC and NY are the real power base... but Florida is their playground, and where lots of their kids end up moving.
And... we're not *totally* a backwater. Citrix has a major HQ presence in Fort Lauderdale. IBM had a major presence in Boca Raton, whose spun-off divisions mostly still exist under new names & owners. Ditto for the former data-processing division of Eastern Airlines, which got purchased by EDS & (afaik) still exists today as a division of Verizon somewhere in Miami. Motorola still has a large office park in Plantation (Fort Lauderdale). South Florida is a place where it's somewhat challenging to fill positions with locals, but fairly easy to talk people into relocating to. And the qualified locals tend to be fairly top-notch, because quite a few of them personally *built* their company's current south Florida tech. divisions from the ground up. When your career develops in an outpost, you basically *have* to be willing & able to wear multiple hats & drive your own department's birth & growth, because nobody *else* WILL.
Ok, THAT makes sense... except it still makes headlines that "Amazon is building HQ2 in Crystal City" factually incorrect. Potomac Yards isn't Crystal City, any more than Pentagon City is. All three are in Arlington, and all three are adjacent to metro stations (or will be), but none of them are literally synonymous with each other.
No, it won't. Sea level rise will make hurricane storm surge more damaging, but even if we did nothing to mitigate it, it'll be more than a few hundred years before Miami is under any daily existential threat from high tide... and quite a bit longer before any building constructed with sealevel-rise in mind (eg, on concrete pilings, resting on bedrock, first habitable floor at least 20-30' above sea level) will be in danger of destruction from it. South Florida is 100% non-seismic & can pile on the crushed limestone mined nearby with few limits not imposed by economics alone.
I'm disappointed that Miami isn't likely to get HQ2... but I'm still optimistic that we're going to eventually end up as a major Amazon business outpost anyway, if only due to our status as the de-facto business capital of Latin America and Jeff Bezos' own personal ties to the area.
My personal theory is that Miami was never really a serious contender for HQ2, but Amazon used it as somewhat of a bait & switch operation to get Miami to pull out all the stops and offer its best deal, which Amazon can NOW try to grab for a lesser outpost. If Amazon had been up front and said, "we're thinking about building a major outpost in Miami, what can you offer?" Miami would have been delighted... but it wouldn't have literally gone nuts and bent over backwards. But now that the work is done, failing to close the deal on a consolation prize would be seen as a TOTAL loss, compared to closing the deal on a major outpost.
Two major things in Miami's favor:
1. Opportunity to build Amazon's future equivalent of the Sears Tower. Miami DESPERATELY wants to have the tallest skyscraper in America so badly it hurts, and will do just about anything in its power to find Amazon a suitable site & get it approved. As luck would have it, one of the few places where the FAA wouldn't object to a supertall skyscraper is the area around the Brightline station (there are other areas where the FAA wouldn't object per se, but Dade County and Miami International Airport might object because planes would have to take off at steeper angles & burn more fuel... Amazon is probably one of the few companies that actually COULD get them to grudgingly approve it).
2. Brightline. Daily transit aside, Brightline ALSO makes it possible to have afternoon business meetings in downtown Miami involving people who normally work in downtown West Palm Beach and Fort Lauderdale without totally pissing them off or stressing them out. Pre-Brightline, NOBODY would willingly agree to be at a meeting in downtown Miami before 10:30am or after 3pm due to the outrageous gridlock in and out. Tri-Rail wasn't a serious alternative, because the transfer to and from Metrorail added another 30-45 minutes to an ALREADY somewhat-slow trip (and wasn't really up to the standards of senior executives anyway). In contrast, Brightline hauls ass and leapfrogs over everything, allowing you to get from Miami to Fort Lauderdale in a little under 30 minutes... with first-class service, to boot. Thanks to Brightline, an afternoon meeting in downtown Miami is NOW seen as a pleasant opportunity to grab lunch somewhere different, do the meeting, and comfortably leapfrog over all the traffic that would have OTHERWISE turned your 30-minute jaunt into 90+ minutes of stop & go gridlock.
In a few more years, Brightline will make it possible to casually make painless day trips between Miami and Orlando (approx. 3 hours end to end), with an extension to Tampa practically confirmed at this point, and an extension to Jacksonville regarded as overwhelmingly likely to happen within the same time frame as well (Brightline's parent railroad, FEC, already owns the tracks all the way to Jacksonville... and more importantly, owns a staggering amount of real estate adjacent to the tracks IN Jacksonville... compared to the amount of new construction necessary to launch service to Orlando, launching service to Jacksonville would involve little more than the same kind of signal upgrades & station construction they did in Miami, Fort Lauderdale, and WPB). At that point, an Amazon outpost in Miami would be as accessible to Orlando as an Amazon HQ in Crystal City would be to New York. Extend Brightline to Tampa & Jacksonville, and both would be the same travel time to Miami as Boston is to DC via Acela.
That's why Florida's business community have all gone nuts over Brightline once it convinced them that they're in business for the long haul & fully intend to Make It Happen, and why Rick Scott (never exactly known for being a fan of passenger rail) suddenly got Ne
Does Crystal City (or at least, any part within sane walking distance of the Metro station) actually HAVE undeveloped land suitable for new development? The last time I was there, it already seemed to be pretty "built out".
The only advantage Crystal City seems to have compared to the area between Tysons Corner & Dulles is service by two metro lines (esp. yellow) into DC that *aren't* both completely choked.
The last time I visited Rosslyn, it was almost impossible to board the train at Rosslyn station, because every single outbound train from DC was packed to the point where you couldn't get on, and nobody actually GOT OFF at Rosslyn to make room for the horde at Rosslyn to board.
Frankly, I have no idea how Rosslyn station can possibly deal with Silver Line traffic ON TOP OF Blue & Orange, because it was 100% saturated years ago just by Blue & Orange alone. I'm guessing that the Rosslyn chokepoint was a major factor against a site near the new Silver line and/or Dulles... Metro isn't really useful as a travel mode in or out of DC proper if you can't actually BOARD at a station due to inadequate capacity.
I read somewhere that as a stopgap measure, they were exploring the idea of making Silver-line trains ~50% longer than the platforms... the idea being that middle cars would stop at every station, but cars at the front or rear would only stop at alternating stations (and lengthened platforms at suburban stations, which are mostly above-ground to begin with & fairly cheap to extend compared to mined-out stations underground).
So, India's population almost doubled between 1950 and 1978, and literally doubled between 1978 and the present.
Rural-vs-Urban is a whacked-out mess pretty much EVERYWHERE, including the US.
The truth is, the postwar baby boom, and the much smaller generation that came before it, both had their origins in the Influenza Pandemic and Great Depression. After the pandemic, American families no longer had confidence that their kids would all live to reach adulthood, and the birthrate went off the scale for YEARS. The kids who were part of the large generation born between the Pandemic and Great Depression went on to be the parents of the Baby Boom generation. The kids who were part of the much, much smaller generation born during the Great Depression and World War II went on to be the parents of GenX. Baby Boomers heard the horror stories of being in a large impoverished family during the Great Depression from their parents, had birth control readily available for the first time, and made full use of it to keep their own family sizes down to approximately 2 kids. GenX kids grew up with parents who were a part of comparatively SMALL families, dismissed the stories of their grandparents' poverty as irrelevant, and took things like birth control for granted. Millennials were a generational tidal wave not because Boomers had huge families, but just because there were so freakin' many of them to begin with. The as-yet-unnamed-GenZ kids started out as a small generation due to GenX being small... but ended up suddenly growing by 25-50% in the metaphorical "ninth inning" due to late-life accidental pregnancies.
IMHO, the last-minute increase in the size of GenZ probably isn't an entirely bad thing. With GreatestGeneration->LostGeneration->Boomer->GenX->Millennial, we set ourselves up for an eternal demographic tsunami every 15-20 years, only to have things like newly-enlarged school districts see their populations collapse during the following 15-20 years before repeating the cycle all over again. Now, the size difference between alternating generations has been muted a bit, so that hopefully, going forward, things like populations of school kids will be more constant over time. GenX had way more kids than predicted, but Millennials and everyone coming later will probably have way fewer kids than models originally predicted due mainly to the constantly increasing age at which women have their first child.
At some point, we'll probably have a future blip when women in their 20s start routinely freezing eggs so they can pay a surrogate to carry children for them when they themselves are well into their 50s... but that won't have quite as much net impact as past blips, because the women who'll be getting paid to CARRY those children will be women who would have otherwise probably had kids of their own (ultimately, reducing the total number of babies born per year, even if individual women start having more babies than ever).
Technically, we're likely to end up with 10 billion+ people on Earth within the next century or so, even IF everyone became educated, well-fed, and lived in peace starting tomorrow afternoon. Why? Historically, it takes a couple of generations for affluence & education to "sink in" -- and overcome parental nagging.
Take India. Its population has almost doubled within the past few decades, even though its education level, affluence, urbanization, food, and everything else has approached modern first-world norms. Why? Nagging parents who'll never give them a moment of peace until they have at least three kids. They know there's no reason to have more than 2 kids, they probably don't even WANT more than 2 kids (or any)... but all they EVER hear is their mom complaining because she wants more grandkids. The serious push-back against nagging parents takes another generation or two after everything else has settled down.
Even if you assume that India & China are both mostly over the curve, Africa hasn't even STARTED its final baby boom yet. And there are plenty of other countries in Asia that are still either in the early stages of it, or right in the middle of it.
Even in the US, we still have occasional ripples. When GenX was growing up, families with more than 2 kids were kind of rare, and families with more than 3 kids were almost unheard of unless you had a blended family with two divorced parents who brought two kids apiece into the new marriage. Fast forward to GenX adulthood... 1.9 kids, right according to plan... then, out of the blue... a random, unexpected romantic weekend involving sex for the first time in years (and probably years after the last time birth control was used), followed by baby #3 nine months later. Oops.
Millennials are less likely to have the same problem... not due to better birth control practices, but the simple fact of delaying first-time motherhood until well past 30. GenX women who had baby #1 in their early 20s were still in their late 30s when child #1 got sent away to college & the marital festivities began. Millennial women who had baby #1 at 35 will be approaching 50 by the time their kids have their first overnight school trip in high school, making baby #3 at that point extremely unlikely.
I'd be delighted if I could buy sulfite-preserved shredded lettuce at the grocery store. I don't have sulfite allergies, so they're harmless to me... and I absolutely HATE wasting most of a $2 bag of shredded lettuce because it ends up turning brown before I have enough time to use even half of it.
I feel the same way about cat food. Somewhere along the line, marketing departments got the crazy idea that high-quality cat food has to be "all natural" and free of artificial flavors. The problem is, a cat who's been eating artificially-flavored cat food since birth won't EAT cat food made without artificial flavorings, because it just doesn't taste good to them. To an average cat, high-quality "all natural" food made without artificial flavorings is about as appealing as liver & broccoli to a small child (or adult, for that matter). Humans will eat almost anything if we're hungry and desperate enough... cats won't. They'll literally starve themselves to death before eating food that they don't like. So... I continue my quest to find anything better-quality than Fancy Feast that my cats will actually eat, and keep spending $1.50-2/can on random high-quality foods to try every few days that they ultimately just sniff at & walk away from in protest.
How, exactly, are Russia and China going to use GLONASS and BeiDou to track you? They're satellite constellations in space that basically broadcast highly-accurate timestamps that are used along with published ephemera data to determine location based upon the measured time of reception vs the received timestamp.
Yeah, 99% of phones fetch ephemera data over the internet... but that's just a convenience that allows them to grab it in a single gulp within a few milliseconds, instead of collecting it a few bits at a time over the span of ~10 minutes as it gets interleaved into the satellite broadcasts themselves. There's no insidious two-way data-transfer involved. If you want to be paranoid, you can use any of the systems in a completely 100% offline manner, just like GPS.
If anything, the slightly adversarial nature of US, Chinese, and Russian foreign policy means that the likelihood that even two out of the three would ever agree about anything long enough to intentionally degrade the accuracy of their satnav constellation services is approximately zero. A device can literally scoop up data from all three, compare it for accuracy with 2-out-of-three voting, and just throw away whichever one seems to be in disagreement. Even IF two out of the three managed to negotiate a period of mutual service degradation, by the time it actually happened their original motivation for doing it would almost certainly be moot. The fact that all three are adversaries helps to keep all three honest.
TL/DR: your personal use, or non-use, of GLONASS and BeiDou have absolutely zero impact upon the ability of either China or Russia to track you. Neither country cares at all whether or not you use their service, and intentionally refusing to use them achieves nothing besides diminishing the accuracy of your own satnav devices.
I remember the doors on the peoplemover at Atlanta Airport in the early 80s. From what I recall, they wouldn't crush you or allow the train to depart unless the doors were completely closed... but they weren't particularly GENTLE about closing, or proactive about re-opening if you DID get caught in them. The synthesized voice would sternly shout, "Stop boarding!" three times and slam the doors shut. If you got caught in them, a flashing light would go off, you'd be loudly scolded by the same robotic voice in front of the entire train (and possibly an employee) while you were still stuck in the door, THEN the doors would momentarily slide open again (leaving you with a bruise to motivate you to move more quickly next time). I'm sure they've toned down the aggressiveness quite a bit since then, but it definitely worked... you could see the literal FEAR in people's eyes if they were anywhere NEAR the doors when the "Stop boarding!" began.
> The last time worms came close to "ravaging the Internet" was 15 years ago
Not quite. There was plenty of nasty stuff a couple of years ago involving buffer overflows, especially a particularly nasty one caused by the way a very popular image library handled JPEG files that ended up enabling "drive-by" exploits.
On the hierarchy of badness for a typical non-enterprise user, "drive-by" exploits are absolutely, positively the worst, because those are the exploits that can nail even people who are aware & prudent (without necessarily succumbing into paralysis and tinfoil-hat paranoia).
One half step down are vulnerabilities that involve the kind of attacks that can be carried out remotely against arbitrary systems over the internet. Simple NAT is often more than good enough to protect against THESE, even if it's just a lucky side effect. Firewalls are effective against "most" of the rest, with the exception of high-value targets that are explicitly sought out.
Slightly lower than those are attacks that rely on trusted agents. For example, an attack that uses a compromised computer sitting on your internal network to carry out activities that couldn't be carried out directly by someone over the internet itself.
Moving WAY down the list (from the perspective of home users), you have the kind of attacks that allow privilege escalation... but only with the active assistance of a trusted user who has physical access to the hardware itself. Things like malicious USB keys and trojans are the main vectors here that are likely to really concern a home user. The risk that a second legitimate user might be able to intentionally do something that a legitimate admin regards as naughty is a very, very, extraordinarily-distant concern to home users... but a very BIG concern to people who administer things like networks in schools, libraries, and large enterprises.
Near the bottom of the bin (from the perspective of home users) are attacks that enable code running in one hypervisor to compromise data running in another. These are horrific to companies that provide hosting services, but almost a complete non-issue to home users.
The catch is, there are ALSO plenty of security vulnerabilities that were a total non-issue to home users 20 years ago, but have BECOME an issue in recent years. Prior to the large-scale emergence of rootkit trojans, privilege-escalation was almost a complete non-concern to home users, if only because Windows ITSELF barely enforced any kind of limits on code-execution for home users not running on enterprise networks under group policy limits. The rapid popularity of single-sign-on services like Facebook & Google made request-forging and impersonation attacks something that suddenly mattered to normal home users, whereas previously it was something that was of concern mostly to enterprises (who were just about the only users who could AFFORD single-sign-on solutions).
And frankly, the capabilities that have been semi-insidiously added to Javascript over the past few years by Firefox, Chrome/Webkit, and Microsoft are just plain horrifying (Jesus God, compiling Javascript to NATIVE CODE?!? So much for ANY remaining pretense of containment...). And that's coming from someone who used to laugh at tinfoil-hat people who refused to enable Javascript.
IMHO, though, the thing that will REALLY send us down the security black hole is the growth of artificial intelligence. It's one thing to have an exploit that can sniff the contents of random memory addresses and obtain context-free data that could be an AES key... or nothing more an a single byte of a JPEG image. It's another matter ENTIRELY if attackers have the ability to take 27k of seemingly-random chunks of memory and effectively do pattern-recognition on it to quickly FIND things likely to be an AES key, or a RSA private key.
Here's a practical metaphor: suppose you accidentally throw your house key in the trash, and it ends up at the landfill. At the present time, it's almost a complete, total
Judging from about 2 minutes worth of Google-grazing, it looks like the FHD panel is officially 144hz, but the 3840x2160 might only be 60hz max. Apparently, as of late 2017, 4k panels capable of 144hz were criticized for having poor contrast. Seeing how small and niche the market for 4k@144hz panels still is, I give it 50-50 odds that the panels available today are probably still the exact same panels available last year. On the plus side, both the FHD and 4k panels are matte IPS.
Part of why I'm so insistent on the internal panel doing 144hz is because I went through hell when I got two 144hz monitors to use with my laptop. Dell designed it so the Quadro uses the integrated Intel HD 6000 video as a crossbar to connect the Quadro to the internal panel. I'm not sure whether the restriction is imposed by Microsoft, NVIDIA, or Intel, but unless you disable Intel HD 6000 video entirely (and by extension, disable use of the internal panel until you re-enable it), Windows won't allow you to use 120hz on any OTHER displays, either. So if you want to use the internal panel plus two external monitors, you're limited to 60hz on all of them. If you want to use 120hz with ONLY the two external ones, you have to shut down, go into the BIOS, disable Intel HD video, and boot back into Windows. And hope you don't forget to re-enable it before the next time you try to use the laptop with only its internal display away from home. Ugh.
No, this is on the same device that's running Google Maps & Waze, at the same TIME it's running Google Maps & Waze. Maps/Waze will complain that there's "no GPS", I'll switch to ChartCross GPS Test+, get a location fix within 10 meters within a second or two, kill & re-launch Maps or Waze, and they'll STILL complain that there's "no GPS".
From what I've read, it's partly because Maps & Waze don't view the phone's "GPS" as a particularly high-resolution source of data. Apparently, they don't even LOOK at the phone's "real" GPS/Glonass until they've completely given up on figuring out your location by tower-triangulation, wifi-sniffing, and using the gyro/accelerometer/magnetometer to detect turns and motion. If you're someplace like an arrow-straight highway with no turns, no traffic lights, no discernible nearby wifi, and unreliable wireless data service (like I-75 across the Florida Everglades), both Google Maps & Waze end up in a world of pain, because a strategy that works reasonably well in dense urban areas (with lots of wifi SSIDs mapped by Google) falls flat on its face out in the middle of the Everglades.
I have my fingers crossed for the RED Hydrogen One. If it ends up being easily-rootable, I'll probably be getting one to replace my Nexus 6P (one of the best Android phones, ever... but its battery problems are really starting to annoy me, and unfortunately it's just not quite up to the task of running Daydream VR and ARCore (it has the raw specs "on paper", but literally can't take the heat).
Google Maps' location service usage totally mystifies me. I've had multiple times over the past few months when Google Maps and/or Waze both SWEAR that "GPS is not available" (or act like it's unavailable), yet ChartCross GPS Test Pro reports that I have more than a dozen GPS+Glonass satellites in view & can figure out where I am with sub-10m accuracy.
I've noticed in particular that both apps get really, REALLY confused if you're someplace that has poor/no internet connectivity (like I-75 across the Florida Everglades, especially the western half). It's like they get so distraught about being unable to contact Google, they completely FORGET that the phone is entirely capable of figuring out its location all by itself locally & don't even TRY.
Slashdot Mirror
The WAY card chips get used in the US is different from Europe, even though it's (more or less) the same underlying hardware.
In the US, chips attest that SOMEONE (probably) had physical possession of the card at the time of a first transaction (as opposed to merely knowing its number, or cloning its mag stripe. In Europe, they go a step further & attest (via PIN) that the authorized user was likely to be the one who intended the transaction.
Contrary to popular belief, signatures do nothing to directly validate credit card purchases at the time of transaction. Nobody compares the signature on file or on the back, because it's too wildly unreliable in both directions -- they're easy for someone who's seen your signature to forge, and most people's signatures aren't consistent over time anyway.
The purpose signatures DO serve is to *massively* amplify the legal consequences of fraud if you do it and get caught.
The entire US financial system depends not (directly) upon transaction-time security, but on the ability of banks to absorb temporary & permanent losses so it can focus on after-the-fact retaliation & punishment (poor credit scores, penalty fees, clawbacks, lawsuits, and/or criminal prosecution) to deter abuse by most over the long term, regardless of what happens from day to day.
The problem with PIN codes gets amplified in the US, because WE tend to have people with lots of low & medium-limit cards. In places like Germany, someone is more likely to have only one or two cards with higher-than-US limits. Somebody with a dozen cards can't be expected to remember a dozen random PIN codes... they'll either use the same PIN for "everything", or write them down (both of which compromise their value to such a degree, they ultimately add little real security & lots of headachej anyway).
I have a Nexus 6P... rooted, running LineageOS. It shows only GPS and Glonass in ChartCross GPStest+. I'm dying to know which subsystem is responsible for enforcing the "this user is in the US, hide Galileo" rule.
The only thing I can think of is that it's part of the Qualcomm radio modem driver... the one opaque binary in the N6P's software stack. I can't see how it could be enforced by Android itself... the moment anyone at XDA saw a brazen difference in kernel code like "boolean galileoAvailable &= !inUS;", it would have been loudly & proudly ripped out and proclaimed as the ultimate l33t hack as a badge of honor within hours.
Insofar as legal authority goes, my guess is that the FCC implied Galileo-disablement as part of its phone certification requirements, and no mfr. wanted to risk delaying a phone by a month or more by failing certification over it by challenging the FCC's authority to enforce it (the industry is largely self-regulating... vendors pay accredited labs to certify compliance, and those labs generally take the view that "anything that MIGHT be forbidden IS considered to be forbidden." because they don't want to jeopardize THEIR OWN accreditation status.
Depending upon where you live, you can now possibly do *far* better than every 10 minutes. TDWR has had 1-minute reflectivity updates for tilt 1 from most/all sites during storm events for a couple of years, now, and 2-minute updates for other tilts.
Likewise, wsr88d radar now grabs an extra scan of the 0.5-degree tilt halfway through the scan (Google: "SAILS"). One thing I really don't understand, though... since the 0.5-degree sweep is the one most useful for tornado tracking, but (pre-SAILS) was ALSO the most "stale" data of any volume scan, why not just reverse the scan order, and do volume scans "top-down" instead of "bottom-up" (so the lowest tilt would have the freshest data of all)?
Likewise, since phased-array radar is still too expensive to use on large scale, why not go with a hybrid approach... keep the rotating antenna, but instead of a single parabolic antenna, make a smaller-scale phased array that does all the tilts from top to bottom simultaneously & rotates to do all the sweeps at once?
My biggest complaint with reduced legroom is the fact that in a crash, your likelihood of surviving is probably considerably less if your kneecaps are already touching the seat in front of you. If ANYTHING causes the seat in front of you to move, it's probably going to kill you as well as the passenger who was occupying that seat. At least when there's a few inches of legroom, the seat could get pushed back by an inch or two without shattering your kneecaps.
Admittedly, this might be an extreme edge case (airframe torn apart upon crashing, you end up alive in the first row that doesn't completely get crushed and shredded, survive the impact, and manage to climb out of the wreckage), but the alternative is pretty horrifying... surviving a crash long enough to spend several agonizing minutes with crushed kneecaps unable to escape, knowing that despite somehow surviving to that point, you were probably going to die a horrible fiery death anyway in 2-3 minutes.
This might work, but it would ONLY be an effective mitigation if:
1. Internet voting ended at least a day before in-person voting (so somebody couldn't coerce you into voting online 10 minutes before the polls closed to negate the possibility that you might go out the next day, vote in person, and cancel out your coerced vote).
2. There's literally NO public paper trail that would allow anyone besides an elections department employee (or maybe certain others, like journalists bound by nondisclosure agreements with teeth [as in, potential jail time for intentional violation] prohibiting the disclosure of any personally-identifying information about specific voters]. Specifically, "John Q. Public's final registered vote was at 6:32pm on November 6, 2018 at Precinct 12, polling site #249"
Privacy and nondisclosure aside, there's another reason to not allow internet voting during the final day -- as insanely bad as the robocalls and political spam text messages were this year, I shudder to imagine how bad they could be if candidates thought they might be able to persuade a few thousand more voters who didn't vote for them the first time around to re-vote online during the final minutes before the deadline if they thought it might somehow pick up a few more voters for them.
Technically, you could probably be really secretive about it without getting caught, but most people who try to do it don't try hiding it, so it's fairly easy for poll workers to catch them and inform them about the rule.
The intent isn't to enforce some draconian zero-tolerance rule or punish people... it's to give people who don't WANT to be forced to document their ballot an easy out, so they can tell anyone who tried to get them to provide proof of how they voted, "I tried, but the poll workers wouldn't let me".
Poll workers make a point of explaining the reason as well as the rule, because very few people are angry about it once they have the reason explained to them.
As a practical matter, few people who do it and get caught have much to re-do anyway when they're given their new ballot... in most cases, someone will get their ballot, fill out the first page with the highest-ranking offices (President, Governor, US Senate, US House of Representatives, etc), then proceed to photograph it with flourish (usually, squealing with glee rather loudly). I suppose someone who filled out 14 pages of offices THEN was told they had to start over would be pretty pissed... but like I said, in nearly all cases, if someone photographs their ballot, it almost always happens early, loudly, and proudly.
If someone REALLY got upset, even after having the rationale explained, they'd probably be allowed to cast the ballot anyway with little more than a shrug from the poll worker and a comment to the effect of, "Well, whatever. I tried to protect your rights, but I can't help if you won't let me. The ballot box is over there. Have a nice day."
> You can take a picture of your ballot with your phone.
Actually, in Florida, you can't. You can take a picture of *a* ballot. You can even take a picture of THE ballot given to you. But the moment you photograph a ballot, it's considered 'spoiled' and has to be exchanged for a fresh one.
There's a fundamental problem with online voting... and it would be a huge problem, even IF you could absolutely guarantee 100% security: it's a serious threat to secret ballots. Right now, in most places, if an ultra-frail person shows up to vote who needs assistance, they election officials will provide a poll worker to help them, but WON'T allow a family member or anyone else to accompany them, for that precise reason.
Right now, a husband and wife can easily cancel out each other's votes. If online voting is allowed, there's little to stop the spouse with more power in the relation ship (or who's less ambivalent about voting) from voting on the other's behalf after getting the spouse to log in.
There are other opportunities for coercion... say, an employer (or union, or any other group) who decides to "encourage voting" via the internet "right now" (in at least semi-public view, with at least some social pressure to vote the "right" way). Think: a politically-active church that, instead of marching its congregation off to early voting at a polling place nearby, passes around tablets after the second collection while encouraging people to vote the "right" way in front of their friends, neighbors, and family members.
Let's not forget the possibility of rounding up a bunch of poor people and offering to pay them $20 apiece if they come "vote online" and cast verified ballots for the "right" candidates.
THIS is why voting needs to occur in private, but in a public location where individual voters CAN'T be coerced by anyone.
The right to a secret, coercion-free ballot is absolutely fundamental. It's at least equal in importance with security, and is arguably part of "integrity". It's a fundamental problem with internet voting that simply CAN'T be solved.
Obviously, it's also a potential problem with absentee ballots sent by mail... the difference is, absentee ballots are an edge case, generally used by a relatively small number of voters. Yeah, there are some elections now held by mail only... but they're for local races that few people care about anyway. The more powerful the office, the greater the stakes.
It's called, "continuity of business".
Amazon is one of the largest companies in America. If something like an earthquake or impending volcanic eruption shut down Amazon's Seattle HQ, it would be DEVASTATING for both consumers AND vendors. As in, "could trigger a cascading chain of business failures & recession" devastating.
Mental image: September 11, 2001. 10:27am. IT guy who just escaped from the WTC South Tower, talking to someone: " Of COURSE we have an emergency data center. It's right over there... in the North Tower..."
Millennials didn't kill wristwatches. They just collectively became adults at the same point in time when everybody started using their phones as de-facto pocket watches.
I'm GenX. I wore a watch religiously until my watch battery died sometime around 2002 & never got replaced because it was too much of a hassle (special tool required) & I had my phone with me all the time anyway. I'm far from unique in this regard. Statistically, almost EVERYONE drifted into phone-as-watch-replacement at some point after they got a cell phone, their watch ceased to work (temporarily or otherwise), and fixing/replacing it was just too much of a hassle to bother with.
DC and NY are the real power base... but Florida is their playground, and where lots of their kids end up moving.
And... we're not *totally* a backwater. Citrix has a major HQ presence in Fort Lauderdale. IBM had a major presence in Boca Raton, whose spun-off divisions mostly still exist under new names & owners. Ditto for the former data-processing division of Eastern Airlines, which got purchased by EDS & (afaik) still exists today as a division of Verizon somewhere in Miami. Motorola still has a large office park in Plantation (Fort Lauderdale). South Florida is a place where it's somewhat challenging to fill positions with locals, but fairly easy to talk people into relocating to. And the qualified locals tend to be fairly top-notch, because quite a few of them personally *built* their company's current south Florida tech. divisions from the ground up. When your career develops in an outpost, you basically *have* to be willing & able to wear multiple hats & drive your own department's birth & growth, because nobody *else* WILL.
Ok, THAT makes sense... except it still makes headlines that "Amazon is building HQ2 in Crystal City" factually incorrect. Potomac Yards isn't Crystal City, any more than Pentagon City is. All three are in Arlington, and all three are adjacent to metro stations (or will be), but none of them are literally synonymous with each other.
No, it won't. Sea level rise will make hurricane storm surge more damaging, but even if we did nothing to mitigate it, it'll be more than a few hundred years before Miami is under any daily existential threat from high tide... and quite a bit longer before any building constructed with sealevel-rise in mind (eg, on concrete pilings, resting on bedrock, first habitable floor at least 20-30' above sea level) will be in danger of destruction from it. South Florida is 100% non-seismic & can pile on the crushed limestone mined nearby with few limits not imposed by economics alone.
I'm disappointed that Miami isn't likely to get HQ2... but I'm still optimistic that we're going to eventually end up as a major Amazon business outpost anyway, if only due to our status as the de-facto business capital of Latin America and Jeff Bezos' own personal ties to the area.
My personal theory is that Miami was never really a serious contender for HQ2, but Amazon used it as somewhat of a bait & switch operation to get Miami to pull out all the stops and offer its best deal, which Amazon can NOW try to grab for a lesser outpost. If Amazon had been up front and said, "we're thinking about building a major outpost in Miami, what can you offer?" Miami would have been delighted... but it wouldn't have literally gone nuts and bent over backwards. But now that the work is done, failing to close the deal on a consolation prize would be seen as a TOTAL loss, compared to closing the deal on a major outpost.
Two major things in Miami's favor:
1. Opportunity to build Amazon's future equivalent of the Sears Tower. Miami DESPERATELY wants to have the tallest skyscraper in America so badly it hurts, and will do just about anything in its power to find Amazon a suitable site & get it approved. As luck would have it, one of the few places where the FAA wouldn't object to a supertall skyscraper is the area around the Brightline station (there are other areas where the FAA wouldn't object per se, but Dade County and Miami International Airport might object because planes would have to take off at steeper angles & burn more fuel... Amazon is probably one of the few companies that actually COULD get them to grudgingly approve it).
2. Brightline. Daily transit aside, Brightline ALSO makes it possible to have afternoon business meetings in downtown Miami involving people who normally work in downtown West Palm Beach and Fort Lauderdale without totally pissing them off or stressing them out. Pre-Brightline, NOBODY would willingly agree to be at a meeting in downtown Miami before 10:30am or after 3pm due to the outrageous gridlock in and out. Tri-Rail wasn't a serious alternative, because the transfer to and from Metrorail added another 30-45 minutes to an ALREADY somewhat-slow trip (and wasn't really up to the standards of senior executives anyway). In contrast, Brightline hauls ass and leapfrogs over everything, allowing you to get from Miami to Fort Lauderdale in a little under 30 minutes... with first-class service, to boot. Thanks to Brightline, an afternoon meeting in downtown Miami is NOW seen as a pleasant opportunity to grab lunch somewhere different, do the meeting, and comfortably leapfrog over all the traffic that would have OTHERWISE turned your 30-minute jaunt into 90+ minutes of stop & go gridlock.
In a few more years, Brightline will make it possible to casually make painless day trips between Miami and Orlando (approx. 3 hours end to end), with an extension to Tampa practically confirmed at this point, and an extension to Jacksonville regarded as overwhelmingly likely to happen within the same time frame as well (Brightline's parent railroad, FEC, already owns the tracks all the way to Jacksonville... and more importantly, owns a staggering amount of real estate adjacent to the tracks IN Jacksonville... compared to the amount of new construction necessary to launch service to Orlando, launching service to Jacksonville would involve little more than the same kind of signal upgrades & station construction they did in Miami, Fort Lauderdale, and WPB). At that point, an Amazon outpost in Miami would be as accessible to Orlando as an Amazon HQ in Crystal City would be to New York. Extend Brightline to Tampa & Jacksonville, and both would be the same travel time to Miami as Boston is to DC via Acela.
That's why Florida's business community have all gone nuts over Brightline once it convinced them that they're in business for the long haul & fully intend to Make It Happen, and why Rick Scott (never exactly known for being a fan of passenger rail) suddenly got Ne
Does Crystal City (or at least, any part within sane walking distance of the Metro station) actually HAVE undeveloped land suitable for new development? The last time I was there, it already seemed to be pretty "built out".
The only advantage Crystal City seems to have compared to the area between Tysons Corner & Dulles is service by two metro lines (esp. yellow) into DC that *aren't* both completely choked.
The last time I visited Rosslyn, it was almost impossible to board the train at Rosslyn station, because every single outbound train from DC was packed to the point where you couldn't get on, and nobody actually GOT OFF at Rosslyn to make room for the horde at Rosslyn to board.
Frankly, I have no idea how Rosslyn station can possibly deal with Silver Line traffic ON TOP OF Blue & Orange, because it was 100% saturated years ago just by Blue & Orange alone. I'm guessing that the Rosslyn chokepoint was a major factor against a site near the new Silver line and/or Dulles... Metro isn't really useful as a travel mode in or out of DC proper if you can't actually BOARD at a station due to inadequate capacity.
I read somewhere that as a stopgap measure, they were exploring the idea of making Silver-line trains ~50% longer than the platforms... the idea being that middle cars would stop at every station, but cars at the front or rear would only stop at alternating stations (and lengthened platforms at suburban stations, which are mostly above-ground to begin with & fairly cheap to extend compared to mined-out stations underground).
In 1950, India's population was 359 million.
In 1978, it was approximately 665 million.
As of this year, it's approximately 1.3 billion.
So, India's population almost doubled between 1950 and 1978, and literally doubled between 1978 and the present.
Rural-vs-Urban is a whacked-out mess pretty much EVERYWHERE, including the US.
The truth is, the postwar baby boom, and the much smaller generation that came before it, both had their origins in the Influenza Pandemic and Great Depression. After the pandemic, American families no longer had confidence that their kids would all live to reach adulthood, and the birthrate went off the scale for YEARS. The kids who were part of the large generation born between the Pandemic and Great Depression went on to be the parents of the Baby Boom generation. The kids who were part of the much, much smaller generation born during the Great Depression and World War II went on to be the parents of GenX. Baby Boomers heard the horror stories of being in a large impoverished family during the Great Depression from their parents, had birth control readily available for the first time, and made full use of it to keep their own family sizes down to approximately 2 kids. GenX kids grew up with parents who were a part of comparatively SMALL families, dismissed the stories of their grandparents' poverty as irrelevant, and took things like birth control for granted. Millennials were a generational tidal wave not because Boomers had huge families, but just because there were so freakin' many of them to begin with. The as-yet-unnamed-GenZ kids started out as a small generation due to GenX being small... but ended up suddenly growing by 25-50% in the metaphorical "ninth inning" due to late-life accidental pregnancies.
IMHO, the last-minute increase in the size of GenZ probably isn't an entirely bad thing. With GreatestGeneration->LostGeneration->Boomer->GenX->Millennial, we set ourselves up for an eternal demographic tsunami every 15-20 years, only to have things like newly-enlarged school districts see their populations collapse during the following 15-20 years before repeating the cycle all over again. Now, the size difference between alternating generations has been muted a bit, so that hopefully, going forward, things like populations of school kids will be more constant over time. GenX had way more kids than predicted, but Millennials and everyone coming later will probably have way fewer kids than models originally predicted due mainly to the constantly increasing age at which women have their first child.
At some point, we'll probably have a future blip when women in their 20s start routinely freezing eggs so they can pay a surrogate to carry children for them when they themselves are well into their 50s... but that won't have quite as much net impact as past blips, because the women who'll be getting paid to CARRY those children will be women who would have otherwise probably had kids of their own (ultimately, reducing the total number of babies born per year, even if individual women start having more babies than ever).
Technically, we're likely to end up with 10 billion+ people on Earth within the next century or so, even IF everyone became educated, well-fed, and lived in peace starting tomorrow afternoon. Why? Historically, it takes a couple of generations for affluence & education to "sink in" -- and overcome parental nagging.
Take India. Its population has almost doubled within the past few decades, even though its education level, affluence, urbanization, food, and everything else has approached modern first-world norms. Why? Nagging parents who'll never give them a moment of peace until they have at least three kids. They know there's no reason to have more than 2 kids, they probably don't even WANT more than 2 kids (or any)... but all they EVER hear is their mom complaining because she wants more grandkids. The serious push-back against nagging parents takes another generation or two after everything else has settled down.
Even if you assume that India & China are both mostly over the curve, Africa hasn't even STARTED its final baby boom yet. And there are plenty of other countries in Asia that are still either in the early stages of it, or right in the middle of it.
Even in the US, we still have occasional ripples. When GenX was growing up, families with more than 2 kids were kind of rare, and families with more than 3 kids were almost unheard of unless you had a blended family with two divorced parents who brought two kids apiece into the new marriage. Fast forward to GenX adulthood... 1.9 kids, right according to plan... then, out of the blue... a random, unexpected romantic weekend involving sex for the first time in years (and probably years after the last time birth control was used), followed by baby #3 nine months later. Oops.
Millennials are less likely to have the same problem... not due to better birth control practices, but the simple fact of delaying first-time motherhood until well past 30. GenX women who had baby #1 in their early 20s were still in their late 30s when child #1 got sent away to college & the marital festivities began. Millennial women who had baby #1 at 35 will be approaching 50 by the time their kids have their first overnight school trip in high school, making baby #3 at that point extremely unlikely.
I'd be delighted if I could buy sulfite-preserved shredded lettuce at the grocery store. I don't have sulfite allergies, so they're harmless to me... and I absolutely HATE wasting most of a $2 bag of shredded lettuce because it ends up turning brown before I have enough time to use even half of it.
I feel the same way about cat food. Somewhere along the line, marketing departments got the crazy idea that high-quality cat food has to be "all natural" and free of artificial flavors. The problem is, a cat who's been eating artificially-flavored cat food since birth won't EAT cat food made without artificial flavorings, because it just doesn't taste good to them. To an average cat, high-quality "all natural" food made without artificial flavorings is about as appealing as liver & broccoli to a small child (or adult, for that matter). Humans will eat almost anything if we're hungry and desperate enough... cats won't. They'll literally starve themselves to death before eating food that they don't like. So... I continue my quest to find anything better-quality than Fancy Feast that my cats will actually eat, and keep spending $1.50-2/can on random high-quality foods to try every few days that they ultimately just sniff at & walk away from in protest.
How, exactly, are Russia and China going to use GLONASS and BeiDou to track you? They're satellite constellations in space that basically broadcast highly-accurate timestamps that are used along with published ephemera data to determine location based upon the measured time of reception vs the received timestamp.
Yeah, 99% of phones fetch ephemera data over the internet... but that's just a convenience that allows them to grab it in a single gulp within a few milliseconds, instead of collecting it a few bits at a time over the span of ~10 minutes as it gets interleaved into the satellite broadcasts themselves. There's no insidious two-way data-transfer involved. If you want to be paranoid, you can use any of the systems in a completely 100% offline manner, just like GPS.
If anything, the slightly adversarial nature of US, Chinese, and Russian foreign policy means that the likelihood that even two out of the three would ever agree about anything long enough to intentionally degrade the accuracy of their satnav constellation services is approximately zero. A device can literally scoop up data from all three, compare it for accuracy with 2-out-of-three voting, and just throw away whichever one seems to be in disagreement. Even IF two out of the three managed to negotiate a period of mutual service degradation, by the time it actually happened their original motivation for doing it would almost certainly be moot. The fact that all three are adversaries helps to keep all three honest.
TL/DR: your personal use, or non-use, of GLONASS and BeiDou have absolutely zero impact upon the ability of either China or Russia to track you. Neither country cares at all whether or not you use their service, and intentionally refusing to use them achieves nothing besides diminishing the accuracy of your own satnav devices.
I remember the doors on the peoplemover at Atlanta Airport in the early 80s. From what I recall, they wouldn't crush you or allow the train to depart unless the doors were completely closed... but they weren't particularly GENTLE about closing, or proactive about re-opening if you DID get caught in them. The synthesized voice would sternly shout, "Stop boarding!" three times and slam the doors shut. If you got caught in them, a flashing light would go off, you'd be loudly scolded by the same robotic voice in front of the entire train (and possibly an employee) while you were still stuck in the door, THEN the doors would momentarily slide open again (leaving you with a bruise to motivate you to move more quickly next time). I'm sure they've toned down the aggressiveness quite a bit since then, but it definitely worked... you could see the literal FEAR in people's eyes if they were anywhere NEAR the doors when the "Stop boarding!" began.
> The last time worms came close to "ravaging the Internet" was 15 years ago
Not quite. There was plenty of nasty stuff a couple of years ago involving buffer overflows, especially a particularly nasty one caused by the way a very popular image library handled JPEG files that ended up enabling "drive-by" exploits.
On the hierarchy of badness for a typical non-enterprise user, "drive-by" exploits are absolutely, positively the worst, because those are the exploits that can nail even people who are aware & prudent (without necessarily succumbing into paralysis and tinfoil-hat paranoia).
One half step down are vulnerabilities that involve the kind of attacks that can be carried out remotely against arbitrary systems over the internet. Simple NAT is often more than good enough to protect against THESE, even if it's just a lucky side effect. Firewalls are effective against "most" of the rest, with the exception of high-value targets that are explicitly sought out.
Slightly lower than those are attacks that rely on trusted agents. For example, an attack that uses a compromised computer sitting on your internal network to carry out activities that couldn't be carried out directly by someone over the internet itself.
Moving WAY down the list (from the perspective of home users), you have the kind of attacks that allow privilege escalation... but only with the active assistance of a trusted user who has physical access to the hardware itself. Things like malicious USB keys and trojans are the main vectors here that are likely to really concern a home user. The risk that a second legitimate user might be able to intentionally do something that a legitimate admin regards as naughty is a very, very, extraordinarily-distant concern to home users... but a very BIG concern to people who administer things like networks in schools, libraries, and large enterprises.
Near the bottom of the bin (from the perspective of home users) are attacks that enable code running in one hypervisor to compromise data running in another. These are horrific to companies that provide hosting services, but almost a complete non-issue to home users.
The catch is, there are ALSO plenty of security vulnerabilities that were a total non-issue to home users 20 years ago, but have BECOME an issue in recent years. Prior to the large-scale emergence of rootkit trojans, privilege-escalation was almost a complete non-concern to home users, if only because Windows ITSELF barely enforced any kind of limits on code-execution for home users not running on enterprise networks under group policy limits. The rapid popularity of single-sign-on services like Facebook & Google made request-forging and impersonation attacks something that suddenly mattered to normal home users, whereas previously it was something that was of concern mostly to enterprises (who were just about the only users who could AFFORD single-sign-on solutions).
And frankly, the capabilities that have been semi-insidiously added to Javascript over the past few years by Firefox, Chrome/Webkit, and Microsoft are just plain horrifying (Jesus God, compiling Javascript to NATIVE CODE?!? So much for ANY remaining pretense of containment...). And that's coming from someone who used to laugh at tinfoil-hat people who refused to enable Javascript.
IMHO, though, the thing that will REALLY send us down the security black hole is the growth of artificial intelligence. It's one thing to have an exploit that can sniff the contents of random memory addresses and obtain context-free data that could be an AES key... or nothing more an a single byte of a JPEG image. It's another matter ENTIRELY if attackers have the ability to take 27k of seemingly-random chunks of memory and effectively do pattern-recognition on it to quickly FIND things likely to be an AES key, or a RSA private key.
Here's a practical metaphor: suppose you accidentally throw your house key in the trash, and it ends up at the landfill. At the present time, it's almost a complete, total
Hmmm... I'll definitely have to look into that.
Judging from about 2 minutes worth of Google-grazing, it looks like the FHD panel is officially 144hz, but the 3840x2160 might only be 60hz max. Apparently, as of late 2017, 4k panels capable of 144hz were criticized for having poor contrast. Seeing how small and niche the market for 4k@144hz panels still is, I give it 50-50 odds that the panels available today are probably still the exact same panels available last year. On the plus side, both the FHD and 4k panels are matte IPS.
Part of why I'm so insistent on the internal panel doing 144hz is because I went through hell when I got two 144hz monitors to use with my laptop. Dell designed it so the Quadro uses the integrated Intel HD 6000 video as a crossbar to connect the Quadro to the internal panel. I'm not sure whether the restriction is imposed by Microsoft, NVIDIA, or Intel, but unless you disable Intel HD 6000 video entirely (and by extension, disable use of the internal panel until you re-enable it), Windows won't allow you to use 120hz on any OTHER displays, either. So if you want to use the internal panel plus two external monitors, you're limited to 60hz on all of them. If you want to use 120hz with ONLY the two external ones, you have to shut down, go into the BIOS, disable Intel HD video, and boot back into Windows. And hope you don't forget to re-enable it before the next time you try to use the laptop with only its internal display away from home. Ugh.
No, this is on the same device that's running Google Maps & Waze, at the same TIME it's running Google Maps & Waze. Maps/Waze will complain that there's "no GPS", I'll switch to ChartCross GPS Test+, get a location fix within 10 meters within a second or two, kill & re-launch Maps or Waze, and they'll STILL complain that there's "no GPS".
From what I've read, it's partly because Maps & Waze don't view the phone's "GPS" as a particularly high-resolution source of data. Apparently, they don't even LOOK at the phone's "real" GPS/Glonass until they've completely given up on figuring out your location by tower-triangulation, wifi-sniffing, and using the gyro/accelerometer/magnetometer to detect turns and motion. If you're someplace like an arrow-straight highway with no turns, no traffic lights, no discernible nearby wifi, and unreliable wireless data service (like I-75 across the Florida Everglades), both Google Maps & Waze end up in a world of pain, because a strategy that works reasonably well in dense urban areas (with lots of wifi SSIDs mapped by Google) falls flat on its face out in the middle of the Everglades.
I have my fingers crossed for the RED Hydrogen One. If it ends up being easily-rootable, I'll probably be getting one to replace my Nexus 6P (one of the best Android phones, ever... but its battery problems are really starting to annoy me, and unfortunately it's just not quite up to the task of running Daydream VR and ARCore (it has the raw specs "on paper", but literally can't take the heat).
Google Maps' location service usage totally mystifies me. I've had multiple times over the past few months when Google Maps and/or Waze both SWEAR that "GPS is not available" (or act like it's unavailable), yet ChartCross GPS Test Pro reports that I have more than a dozen GPS+Glonass satellites in view & can figure out where I am with sub-10m accuracy.
I've noticed in particular that both apps get really, REALLY confused if you're someplace that has poor/no internet connectivity (like I-75 across the Florida Everglades, especially the western half). It's like they get so distraught about being unable to contact Google, they completely FORGET that the phone is entirely capable of figuring out its location all by itself locally & don't even TRY.