Slashdot Mirror


User: WaffleMonster

WaffleMonster's activity in the archive.

Stories
0
Comments
4,185

Comments · 4,185

  1. Re:What to do? on Hey Microsoft, Stop Installing Apps On My PC Without Asking (howtogeek.com) · · Score: 1

    They don't - the guy who wrote this article has no idea what he's talking about.

    Yes they do, the same way Candy Crush was being installed via the "suggested apps" auto-install malware of the Windows Store.

  2. Always to "improve product" on Ubuntu Wants To Collect Data About Your System -- Starting With 18.04 LTS (fossbytes.com) · · Score: 1

    Every outfit on the planet integrating malware into their systems says the same thing. X, Y and Z is needed to improve our products. Nobody EVER says the reason is to make the bean counters happy, gain unfair advantage or to sell out users to the highest bidder.

    If they are so passionate about feedback in order to improve their product where is the feedback button in Ubuntu? Why can't it *ASK* for feedback or provide UI elements for users encouraging them to complete a survey?

    I'm not that much of a Linux desktop user. I have an old version of 16.04 running in a VM and I never once remember seeing an option in the software to send any kind of feedback. No prompts, no nothing. Now I am actively looking in the software. I do a search in settings for feedback or survey... 0 results. I do the same search in help... 0 results, the desktop search... 0 results. If there is a way to send feedback I don't see it. I actively looked and I can't find it.

    If they really care why is there no way to ask end users? Why does there appear to not be software to facilitate any kind of feedback? If it is so important why does it appear to not exist?

  3. Re:Linux not vulnerable on Skype Can't Fix a Nasty Security Bug Without a Massive Code Rewrite (zdnet.com) · · Score: 1

    Quit being a DLLdo. Windows and Linux libraries are entirely different.

    Nonsense. It's all the same shit with uninteresting semantic differences.

  4. Re:Static Link? on Skype Can't Fix a Nasty Security Bug Without a Massive Code Rewrite (zdnet.com) · · Score: 1

    1. If you want your application to upgrade smoothly over the years, you have to use either the DLL calls or the windows system calls and avoid the statically linked C libraries. For instance, when the times and dates for daylight savings time change, only the windows calls get updated automatically. The statically linked libraries don't get updated. DLL libraries get updated when the DLL gets updated (which can lead to DLL Hell, but that is another story.)

    Normally the Microsoft C library hands off to Windows to process time. When daylight savings time changes, statically linked C libraries do not have to be updated or applications recompiled to take advantage of these changes.

    They have internal logic that can get out of sync; however, as a practical matter it's a fallback that is never used.

    If you have an application that allocates memory in one DLL and frees it in another

    Then the application is BROKEN.

    then it is vital that the library that does the memory management be a DLL. Otherwise, each DLL has its own statically linked memory mapping library, and they don't know about each other's allocations.

    GIGO
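The cross-module allocation problem argued over above, as an added example that is not part of the thread: two constructed "modules" stand in for two DLLs that each carry their own statically linked runtime, each with a private arena allocator. The arena names, sizes and the `arena_*` functions are assumptions made for this demo; real heap managers generally make no ownership check at all, and handing a block to the wrong one is undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Constructed example: two "modules" (think: two DLLs each carrying its own
 * statically linked C runtime). Each has a private bump arena and its own
 * free routine; neither knows about the other's allocations. */
typedef struct {
    const char *name;
    unsigned char buf[1024];
    size_t used;
} arena_t;

static arena_t module_a = { "module_a", {0}, 0 };
static arena_t module_b = { "module_b", {0}, 0 };

/* Allocate n bytes from the module's private arena (NULL when exhausted). */
void *arena_alloc(arena_t *a, size_t n) {
    if (n > sizeof a->buf - a->used)
        return NULL;
    void *p = a->buf + a->used;
    a->used += n;
    return p;
}

/* 1 if p lies inside this arena's handed-out range, 0 otherwise. Compared as
 * integers so the check is well defined for pointers into other objects. */
int arena_owns(const arena_t *a, const void *p) {
    uintptr_t lo = (uintptr_t)a->buf;
    uintptr_t hi = lo + a->used;
    uintptr_t v  = (uintptr_t)p;
    return v >= lo && v < hi;
}

/* Free that refuses foreign pointers instead of corrupting its bookkeeping.
 * Returns 1 when the block was ours, 0 when it was not. */
int arena_free(arena_t *a, void *p) {
    if (!arena_owns(a, p)) {
        fprintf(stderr, "%s: refusing pointer %p; not from this allocator\n",
                a->name, p);
        return 0;
    }
    /* A bump arena reclaims nothing per block; ownership is the point here. */
    return 1;
}

/* The broken pattern from the thread: allocate in one module, free in another. */
int demo_cross_module_free(void) {
    void *p = arena_alloc(&module_a, 64);
    return arena_free(&module_b, p);   /* 0: module_b does not own p */
}

/* The sound pattern: the allocating module also exports the release routine,
 * so callers hand memory back to the runtime that created it. */
int demo_owned_free(void) {
    void *p = arena_alloc(&module_a, 64);
    return arena_free(&module_a, p);   /* 1: same module, same allocator */
}

int main(void) {
    printf("cross-module free accepted: %d\n", demo_cross_module_free());
    printf("owner free accepted:        %d\n", demo_owned_free());
    return 0;
}
```

The design point is the second helper: a module that allocates should also export the matching release function, so the caller never has to know (or guess) which runtime owns the block.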

  5. Dramatic yawn on Google's Next Android Overhaul Will Embrace iPhone's 'Notch' (bloomberg.com) · · Score: 1

    Wake me up when they do something useful.

  6. Re:Multifactor authentication is a scam on Man Sues T-Mobile For Allegedly Failing To Stop Hackers From Stealing His Cryptocurrency (theverge.com) · · Score: 1

    2FA is more secure than username/password authentication. Take a break from arguing reality.

    Had you RTFA you would have found out the second factor (smartphone) was used to bypass having to know the user's password by leveraging the automated password reset facility.

  7. Um... I take advantage of Sonos' same terrible, awful, incorrigible security hole all the time, and I am thankful they have them! How else would you control what is playing, adjust volume, configure zones, etc without needing to use the Sonos app that constantly asks to be updated?

    Sonos is malware.

  8. Good luck. The problem isn't hackers turning your TV on and off or controlling the channel or volume. It is when one of these exploits lets them use the TV or other IoT device as a jumping off point to the more sensitive points within your network.

    Good luck when someone finds a way to inject malware into your network through one of these devices that manages to infect every desktop on the network. Why would someone want to do this you say? Have you ever heard of crypto paid ransomware? Now you know!

    If someone can get to your smart TV behind your LAN what stops them from getting to whatever other shit exists behind the same LAN? Why is it necessary to hack the TV as a jumping off point?

    For example say someone with your home WiFi password installs Mr Clean's malware app on their smart phone. What prevents the app from attacking your systems directly without the smart TV foothold?

    What access scenario in TFA is necessarily limited to smart TV?

    Please don't misunderstand. I'm not arguing rooting televisions is harmless or that your point isn't worth considering. It's just your point assumes a level of selectivity that does not seem credible.

  9. You might say something like "If your router is hacked, you have bigger problems than the fact that someone can control your TV!"

    I like the CSRFish argument in TFA. Of all the possibilities this seems to be the most credible vector against the average user.

    People installing smartphone apps that are actually (surprise) malware or exploit some whizbang browser feature enabling your LAN to be owned when you visit the wrong site by actors who would not otherwise have direct access.

    There is NO GOOD REASON why televisions need to be designed in such a way that they are vulnerable to this kind of hacking

    Personally I have unauthenticated access configured on my LibreELEC SBC because I want people to broadcast their drivel to our crummy TV without asking permission. There is value in ease of use to allowing people to control and/or broadcast content without authentication. More value than risks in my situation, yet everyone has different value judgments and everyone may not be ok with it.

    This is why I don't like smart TVs

    Hard to fathom the sheer amount of negative energy that must have gone into engineering malware like ACR into current televisions. Makes me think it's actually reasonable and prudent to spend the time to open up the set and ground out the internal WiFi antenna or pull the wlan card altogether. If manufacturers are willing to display such a high level of contempt for their own customers it doesn't seem rational to trust them not to exploit unconfigured WiFi.

  10. Re:Multifactor authentication is a scam on Man Sues T-Mobile For Allegedly Failing To Stop Hackers From Stealing His Cryptocurrency (theverge.com) · · Score: 1

    You are an idiot.

    No shit.

    2FA has nothing to do with what you described.

    This should be obvious to all. My comments had absolutely nothing to do with 2FA as an idea or technology.

    They were limited exclusively to IMPLEMENTATION of technology.

    2FA as actually deployed in majority of public facing environments is provably LESS SECURE than passwords alone.

  11. Which is a major issue, under no circumstance should a carrier be able to see into a person's account, without the person in question providing security keys or turning off account level encryption.

    How do they send out bills, manage and provision access if they can't see into a person's account?

    I think you mean to say access controls or masking rather than encryption. Encryption makes no sense in this context. The carrier owns subscriber data NOT the customer.

    I never said lawyers should be the arbiters of what is reasonable, as the legal system is massively behind when it comes to technology.

    Hard to interpret the words "think this lawsuit has the potential to set a good bar for reasonable security and if it's done right and successfully" in any other way than a prayer for legal precedent.

    The first step towards fixing an industry wide issue, such as this, is to get companies who lack security, discredited in the IT community, which is something a number of people are working on.

    The IT community is NOT EVER going to discredit ITSELF. I've had a front row seat for centuries as the entire industry blissfully got away with doing stupid shit. Low hanging fruit stupid it knows full well is wrong yet they can't help themselves. They hide behind "EVERYONE DOES IT". The "IT community" is a bunch of spineless followers.

    Perhaps 1000 years from now when:

    - EVERYONE is no longer entering passwords into ad hoc web forms
    - Give up insecure authentication protocols (e.g. CHAP/Kerberos).
    - No longer rely entirely on automated procedures based on feedback from insecure protocols (e.g. DNS and HTTP) to establish trust relationships (PKI)
    - When banks and ecommerce sites stop filling their pages with faux padlock gifs and meaningless assertions of security.
    - When anyone in the world can't put whatever the hell they please in the FROM line of an email with an executable payload and the recipient has no clue.

    In 1000 years come back and talk to me about security and IT community discrediting itself. Until then I'll keep laughing my ass off at any and all such assertions.

    If you give someone an account and nothing stops a customer service rep from getting into that account, or resetting access to that account, that would be a major security violation.

    I agree from what is known about the T-Mobile case if the customer went out of their way to set up a security procedure to authenticate themselves and T-Mobile failed to live up to their end they should be on the hook for something.

    Yet to assert customer service reps bringing up accounts is a major security violation is not something I agree with.

    Accounts should always be stored in such a way as to prevent anyone but the user of that account from gaining access, or changing access details, 2FA and encryption help to stop this problem through validation of the account holder.

    The account MUST be available in a form accessible to the provider in order to provide and manage service. It can't as a practical matter be encrypted and accessible to nobody but the end customer. This is not a reasonable position to have. It's a complete nonstarter.

    If a provider offers enhanced security for CSR access to accounts and the user takes them up on it... god bless. If you think everyone should be required to OFFER some kind of enhanced security... physical token cards, encryption keys then god bless... work to build consensus for that position.

    Otherwise in the real world EVERYONE does stupid shit.. check caller id, ask for an SSN or PIN...etc. The only credible alternative is physical trips to a physical office with government issued IDs in hand. This wastes a tremendous amount of everyone's time and resources and simply isn't worth doing by default even if it prevents some fraud.

    Nobody is deploying key fobs or encryption keys to their customers by default and even if they did it wouldn't solve much. People will lose or destroy them and expect their service anyway. The chance of this changing any time soon is zero. The chance of IT driving such change is zero.

  12. What a great idea. Stock your store with millions of junk apps that amount to little more than glorified hyperlinks. What people really want is to wade through heaps and heaps of garbage only to discover what they really want isn't for sale.

    This tactic should win Microsoft enough attention that someone somewhere on earth is guaranteed to buy something from Microsoft by the time 32-bit time_t wraps.

    App stores are evil.
    Windows 10 is malware.

    "It's the emptiness that's left. It's like a despair, destroying this world and I have been trying to help it. " ~Microsoft

  13. It sounds like AT&T or T-Mobile (not sure which carrier), was absolutely, partially at fault, for not assuring a reasonable level of security to their infrastructure.

    CPNI rules for carriers don't mandate 2FA. They do require change notification and some (unspecified) method of subscriber authentication such as an access PIN.

    This entire problem seems to be a classic and disturbing case, of companies not providing reasonable security.

    If you think existing laws are insufficient you should work to build consensus to get them changed. Rooting for lawyers to be the arbiters of what is "reasonable" is itself extraordinarily reckless and unreasonable.

    If the account in question did not require at least 2FA+ to access, which could have been enabled and disabled by the customer, and its contents were not fully encrypted, to the point that it required an additional layer of security to unlock, such as a TOTP ...
    I think this lawsuit has the potential to set a good bar for reasonable security and if it's done right and successfully, could finally usher in what is sadly missing from almost every service the average person accesses.

    What does encryption and 2FA have to do with T-Mobile's role in any of this? Sounds to me like you're confused about the underlying issue.

  14. Multifactor authentication is a scam on Man Sues T-Mobile For Allegedly Failing To Stop Hackers From Stealing His Cryptocurrency (theverge.com) · · Score: 1

    People are being misled en masse into believing 2FA exists to protect them and enhance security when reality is this technology is pushed almost exclusively in public settings as a means to not have to deal with people forgetting their passwords.

    Automated reset facilities result effectively in factor x OR factor y rather than factor x AND factor y. This predictably results in a significant reduction of security in the name of not having to deal with considerable administrative burden of "I forgot my password".

    Those marketing 2FA as an enhancement to security deserve to be on the receiving end of lawsuits for their deceptions.

  15. Re:What kind of nonsense is this? on NIH Study Links Cellphone Radiation To Cancer In Male Rats (techcrunch.com) · · Score: 2

    This is how a priest justifies the existence of a religion, not how a scientist describes a fact.

    Come back to us when you actually have positive results, not some phony belief.

    A persistent problem with cancer related studies is what they fundamentally by construction are incapable of ruling out.

    Keep in mind the largest "x causes cancer" study ever conducted, from something well known to cause cancer, the atomic bombing of Japan, resulted in at best a 3% increase of cancer incidents from background.

    Something may well in fact be causing thousands of deaths / year yet there is no way from studies anyone can practically afford to detect a statistically viable signal unless the suspected cancer is rare and immediate.

    It is irresponsible and misleading to communicate standard "no evidence" finding without at the same time describing limits of what your study is even able to detect.

    Studies made public almost NEVER do this. All we ever hear is "no evidence" which is irresponsible and misleading.

    Personally I find it refreshing to see limits acknowledged. Not that statement in and of itself conveys any substantive information but simply saying "no evidence" and leaving it at that is BULLSHIT.

  16. Re:FISA Courts are cool with Slashdot now! on GOP Memo Criticizing FBI Surveillance is Released (washingtonpost.com) · · Score: 1

    This is a great day for the FISA court system, which has been viciously attacked for decades right here on Slashdot.

    FISA is now and has always been shit.

    Now that there's pretty solid evidence that the DNC basically used the DOJ to lie to the FISA courts as part of its campaign...

    No.

    Carter Page was already on the FBI's shit list since at least 2013 when he passed information to people subsequently CONVICTED of being Russian spies.

    Steele's work was initially funded starting June of 2015 by Free Beacon. It would not be a year later until April 2016 that DNC/Clinton would pick up continued funding.

    SUDDENLY FISA IS OK! That's because the abuses were against Trump.

    You're confusing separate issues. The issue of whether something was "legal" depends on the law as accepted by the legal system, not the law as you personally would like it to be. It is possible for you to concurrently conclude FISA and third party doctrine is unconstitutional shit AND for people to have acted lawfully in getting a FISA warrant. There is no contradiction.

    The same concept applies to Russian DNC hacking. It is concurrently possible to disapprove of Russians breaking the law to steal information from DNC yet very much approve of and appreciate the public existence of the stolen information.

    Just remember, if it had been against a terrorist or an actual foreign spy, that would have been unconstitutional.

    FISA system is unconstitutional regardless of who it is wielded against.

    But against Trump? Fuck the constitution the ends always justify the means.

    Remember, principles should be sacrificed as long as the end result is reinforcing the narrative that OMG TRUMP RUSSIA is true no matter what.

    Nobody is saying this. You're creating a straw man and lighting the match.

  17. Re:Extraordinarily bad idea on Trump Team Considers Nationalizing America's 5G Network (axios.com) · · Score: 2

    Carriers are required to provide that information to the federal government. It's one of the things in the FISA bills that keep quietly passing Congress.

    Are you seriously asserting carriers are continuously sending the whereabouts of every cell user to the federal government? If so feel free to back up your claim with publicly available evidence. Wholesale collection of CDRs from everyone was ended years ago.

    That horse left the barn in the Bush administration.

    So what if it has? Is this a license to ignore the issue and allow it to be made worse?

  18. Re:Also in the news... on Trump Team Considers Nationalizing America's 5G Network (axios.com) · · Score: 1

    What's your reasoning for thinking 5G is not a serious security issue?

    Securing networks is a fool's errand.

  19. Extraordinarily bad idea on Trump Team Considers Nationalizing America's 5G Network (axios.com) · · Score: 5, Interesting

    Placing government in control of a 5G network everyone uses grants government the means of directly tracking high resolution movements of everyone everywhere in real time. Hard to come up with a worse, more dangerous idea than this one.

    This would in theory make carriers compete for customers everywhere, and increase signal availability and quality for everyone.

    What would be better is a framework for allowing competing carriers to dynamically share spectrum, completely doing away with exclusive grants.

    Allowing multiple carriers to use the same frequencies is technically feasible with next gen technology and opens up means to competition rather than allowing only those with the deepest pockets to win spectrum auctions.

  20. Inexcusable persistent stupidity on Malwarebytes Released Two Bad Web Protection Updates (csoonline.com) · · Score: 3, Insightful

    This occurs quite regularly with no acceptable excuse.

    Step 1. - Vendor fucks up royally.

    Step 2. - Customers complain.

    Step 3. - Vendor runs around like a chicken without a head frantically attempting to fix whatever they fucked up almost always with even more lax quality standards than what was necessary to fuck up in the first place.

    Step 4. - Customer predictably complains about fix not working or breaking even more shit.

    Step 5. GOTO Step 3.

    Let's put aside the problem of the original fuckup and focus on the inexcusable portion of this. Mistakes / oversights happen.

    Step 3 is where you ROLLBACK what you broke. It is NEVER about working overtime to fix what you broke by shipping out new code as soon as it compiles. Failure to plan ahead for this contingency and have a tested working rollback strategy carries predictable consequences. THIS is the failure this company should be apologizing for and the lesson they SHOULD have learned. Yet I'm quite certain it did not even occur to them.
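The "tested working rollback strategy" called for in the comment above, as an added example that is not part of the thread or of any vendor's tooling: a POSIX shell deploy routine that validates a staged release before touching what is live, records the previous release, and rolls back automatically when the new one fails its health check. The release layout (a `manifest` and a `health` file), the scratch `ROOT` directory and every function name are assumptions constructed for this demo.

```shell
#!/bin/sh
# Constructed example: staged update with an automatic, pre-tested rollback.
set -u

# All state lives under a scratch directory so the demo is safe to run.
ROOT="${ROOT:-$(mktemp -d)}"

# make_release DIR STATUS HEALTH: write a constructed release directory whose
# manifest and health file stand in for a real package and its smoke test.
make_release() {
    mkdir -p "$1"
    printf 'status=%s\n' "$2" > "$1/manifest"
    printf '%s\n' "$3" > "$1/health"
}

# Pre-flight: does the staged release pass its own validation? (0 = yes)
validate_release() {
    [ -f "$1/manifest" ] && grep -qx 'status=ok' "$1/manifest"
}

# Post-activation check, the stage where "customers complain" in the comment.
health_check() {
    [ -f "$1/health" ] && grep -qx 'healthy' "$1/health"
}

# Path of the live release, or empty if nothing has been deployed yet.
current_release() {
    cat "$ROOT/current" 2>/dev/null || :
}

# Record DIR as live with write-then-rename so the pointer is never half-written.
activate() {
    printf '%s\n' "$1" > "$ROOT/current.tmp" && mv -f "$ROOT/current.tmp" "$ROOT/current"
}

# Re-activate the previously recorded release; fails if there is none.
rollback() {
    prev="$(cat "$ROOT/previous" 2>/dev/null || :)"
    [ -n "$prev" ] || return 1
    activate "$prev"
}

# deploy_update DIR: returns 0 when DIR is live and healthy, 1 when it was
# rejected (the previous release stays or is restored), 2 if rollback was
# needed but no previous release exists.
deploy_update() {
    new="$1"
    if ! validate_release "$new"; then
        echo "deploy: $new failed pre-flight validation; nothing changed" >&2
        return 1
    fi
    prev="$(current_release)"
    if [ -n "$prev" ]; then
        printf '%s\n' "$prev" > "$ROOT/previous"
    fi
    activate "$new"
    if ! health_check "$new"; then
        echo "deploy: $new unhealthy after activation; rolling back" >&2
        rollback || { echo "deploy: no previous release to roll back to" >&2; return 2; }
        return 1
    fi
    return 0
}

# Demo run on constructed releases: a good one, then a bad one that rolls back.
make_release "$ROOT/demo_good" ok healthy
make_release "$ROOT/demo_bad" ok broken
deploy_update "$ROOT/demo_good" && echo "live: $(current_release)"
deploy_update "$ROOT/demo_bad" || echo "live after rollback: $(current_release)"
```

The two checks sit at different points on purpose: validation runs before anything changes, so a release that cannot even pass its own self-test never becomes live, and the health check after activation is what turns the comment's Step 3 into a rollback rather than a rushed forward fix.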

  21. No updates for you then.

    Excellent point. It's impossible to update an operating system without communicating with OS vendor. Doing so would violate causality.

  22. 2)If Consumers DEMANDED replaceable batteries over other features like Water Proof/Resistant devices, then they would be BUYING them. Since it makes devices MORE expensive to have WaterProof and Replaceable batteries than one or the other, and people are choosing lesser expensive single option devices (Waterproof, no replaceable battery vs replaceable battery and don't drop in the pool) the market has spoken.

    I find it interesting lower end phones tend to be adorned with removable batteries and physical buttons yet high end gear costing 5 to 20 times more is where batteries go missing.

    The higher cost of removable batteries is not a valid concern worthy of any serious consideration.

  23. So long as Windows can't be configured not to communicate with Microsoft at all for ANY reason Windows is off the table.

  24. On a slightly related note, I don't recall seeing a map like Google Earth by MapQuest... all I can remember them having was the standard Miller Cylindrical projection, and certainly nothing resembling an actual 3 dimensional globe.

    Google didn't create Google Earth. It was developed by Keyhole and funded with U.S. taxpayer dollars.

  25. Let's all create startups full of marketing slogans, innovative jargon and doublespeak. Then sit back and watch the Googles and Microsofts of the world rush to compete. It'll be great.

    I have numerous innovative projects on the table. Here is a small sampling:

    Internet connected toasters with a Hadoop "smart counter" able to count slices of bread toasted separately from bagels or waffles. Smart AI technology automatically shares information with all of your Facebook "friends".
    --
    Light bulbs with cameras and integrated far field microphone arrays and integrated high performance NTH (Nothing-to-Hide) AI cloud co-processor.

    When "off" the light bulbs record every sound in the room and emits infrared light in order to photograph everything in sight.

    When "on" light bulb records every sound in the room and emits visible light in order to photograph everything in sight.

    All collected data is to be automatically shared with all of your Facebook "friends" and sold on FRAND terms to stalkers, criminal enterprise, governments and corporations.
    --
    Smart wallets. This wallet holds your driver's license, passports, Facebook photos and all of your credit cards. Includes integrated magnetic readers, chip proxies and transmits information to anything that asks within a 3 mile radius using the latest powerful broadband COFDM encoding across all ISM bands, making sure these bands can never be used by anyone.

    Smart wallet includes integrated cash shredder automatically detecting and shredding any paper currency stored in the wallet at no extra charge.