Re: And there's more (Chris G)
"...with a nice bottle of red and a bag of popcorn..."
Chris G, you're doing it wrong! You should be sitting "with a nice bag of
red (poison) and a bottle of (liquid) popcorn"!
1574 posts • joined 8 Oct 2007
"...print your complaint on a lobbyist."
... with a rusty tattooing needle. A manual model, not those modern 'electrick' ones!
Other vendors should take notice. This is the way to treat researchers discovering bugs in your products. Definitely, suing them is not the way to go.
"2013 Gallup gross median household income"
The devil is in the details. If they have to pay for their (private) healthcare /health insurance, and said healthcare costs an order of magnitude or two more than what Brits pay to the NHS, and pay $100 prescription bucks that in Europe cost a tenth of that, and the only way to settle an abuse by a health insurance company is to engage in eyewateringly expensive and time-consuming litigation, perhaps the Brits are better off than the USAians. And the cost of living in all but the biggest cities in the UK is probably lower than the cost of living in Mississippi.
In the USA a single -serious- medical problem can bankrupt a well off family in months. Many people with chronical diseases simply can't afford the treatments. Working parents have to pay for nurseries or domestic service...
Every benefits program can -and will- be abused, but that's not the important part. The important part is how good those programs are for Society.
If this law gets passed, I wish on this Austin Scott to suffer a serious accident in an area where nobody has a phone for calling an ambulance.
Who in his right mind would vote for this futwick?
The extinction rates could be very different in areas further away from the Chicsulub impact point. They should probably repeat the study in other parts of the world before jumping to their conclusion, IMHO.
"...275,000 transistors (on a 1500-1000nm process)."
Funny, I don't remember the I386 having the size of a pizza box.
Shouldn't that be "100-150 nm process"?
So this is the end for unemployment in IT in the whole Galaxy, isn't it?
"That would explain why it only happened for a certain number of time-limited transactions."
For "more than a year"???
"Radio waves take three hours to get from stupid to where these morons do business."
Straight to my quotes/scrap book, with attribution!
"It can help you reduce the number of incidents but that's it."
Nothing we can device and develop will ever give us a perfect protection.
What I described would give users a 'sane' level of protection, without breaking that delicate balance between annoying your customers and protecting them, and without costing an arm and a leg.
Now, someone should do something about all those methods to pwn a stolen smartphone. In the case of Android, it should include serious changes in the way it addresses security, including a working full disk encryption, IMHO. The same is true about Apple, but up to a lesser extent (and with the full disk encryption side more or less covered), as proved in the San Bernardino iPhone unlocking case.
"Once Tor is in use, the source IP can easily be masked without a way for the banking app to know it's turned on."
Would it be that difficult to make the app in such a way that it only communicates with the Internet through 'normal' https?
So, while it's working, the app closes access to a big list of Tor nodes, does some other clever checks, e.g. symptoms of DNS Constipation, and if it considers that the connection is still not safe, disallows itself to communicate with the bank's site, then close the connection, stop blocking the tor services and browser, send user a message to please stop temporarily (not remove!!!) any app that has anything to do with the tor network.
This mechanism would have the advantage of addressing the problem not only for this program, but for other future programs that provide access to the Tor network. And nobody's rights would be stomped*.
It's not rocket science!.
While I was writing about "stomped rights", I, for unknown reasons, recalled this quote from Fallout Tactics:
"Look Joe, I've been hookin' here for fifty years now. My ass has seen more rubber than a dead rat in the middle of Route 66. I thought I've seen just about everything, but then these robots come in and they kill all my customers. Now the only time I lay on my back is to go to sleep."
"Especially if you're paranoid about alphabet agencies"
And don't forget the Alphabet Company!
While writing this comment, I noticed that Google's mothership's name was kind of a hint.
"how about you sign a disclaimer....so that when your bank account is raided, you don't get reimbursed"
I'll do that when the bank signs another disclaimer taking responsibility for any security / privacy issues derived from its apps removing my security / privacy software.
Nah, actually I wouldn't touch Internet banking with a bargepole. Until "They" remove the right to choose from "Us".
"...do you really know who writes the Tor app...
I actually know what the apps do, as I have access to the source code. Just like everyone else, 'cos "Tor is free and open source for Windows, Mac, Linux/Unix, and Android"*, i.e. it's Open Source.
* Note: Quote from the Tor Project page.
"...it was Private Eye who coined Crapita!"
Spot on! It's well known that Crapita was coined by a very private eye!
"...7 o'clock doesn't shit anyone..."
Surely you meant 7 o'cock?
"In Germany the title engineer is legally protected..."
Same thing in Spain, and probably in the rest of Europe.
See icon >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
S.T.T.L., my friend, and thank you!.
THANKYOUTHANKYOUTHANKYOU!!! for that link. I still own a few Wizard of Id booklets, that I purchased when I was a teen, and still re-read occasionally.
Absolutely side-splitting, those comics!
... does the following sentence sound familiar to you?
"The leaked documents can be found HERE."
(Where 'HERE' is a hyperlink)
Does this ring a bell?
"... it was actually Spanish (and not that good..."
Yeah, we keep the good stuff for ourselves!
"Actually 'empanadas' came from Cornish pasties"
Empanadas appear on 'Spanish' recipe books from ~1100 AD or so, both in the Christian and Muslim areas of the Peninsula, so I'd bet good money against bad that empanadas didn't come from Cornish pasties!.
Related anecdote: ~20 years ago, I was invited to a medieval style banquet organized by a local Gastronomic Society and entirely made with recipes and techniques from the period. It included fourteen courses and three desserts. The running joke was that the banquet was sponsored by the Spanish equivalent of AlkaSeltzer. :-)
Oh, and said banquet included three kinds of empanadas; fowl, eel and pork, if my memory doesn't fail me.
Improving security through knowledge sharing, discussion, beer and LOLs!
Add my (virtual) thumbs up for the article!
Even when I asked Wolfram Alpha the number of tourists, it gave me the number of total visitors.
For France and Spain, the number of tourists is ~80% of the number of total visitors. For the USA, the percentage of tourists is ~40%. Which nicely reinforces my point.
"The US requires visas and seems to do okay with tourism."
Hmmm... let's see:
Number of tourists visiting the USA every year: 23.89 million people per year (2007 estimate)
Population of the USA: 322 million people (world rank: 3rd) (2014 estimate)
Number of tourists visiting Spain every year: 59.19 million people per year (2007 estimate)
Population of Spain: 47.3 million people (world rank: 30th) (2014 estimate)
Number of tourists visiting France Every year: 81.94 million people per year (2007 estimate)
Population of France: 64.1 million people (world rank: 21st) (2014 estimate)
So... not even in the same league!
(Source: Wolfram Alpha)
And regarding the Caribbean countries, I visited one of them a few years ago. I obtained the visa through the Internets, with minimal paperwork, and my visa took less than a week to be processed and approved. Some friends visited another Caribbean country and they only needed they passport. YMMV, of course, as conditions may have changed since then and other countries may have different rules.
As an added bonus, nobody asked me if I planned to kill the president of Coconutstan!. ;-)
Please allow me to clarify my comment:
The countries listed in the parent comment request visas from tourists from some 'conflictive countries' - i.e. countries that are usual sources of illegal immigration-, not from European countries -regardless of whether they are in the EU or not- or from 'Western' countries. If they requested -most- tourists to obtain visas, they would be shooting themselves in the foot, as tourism is an important source of income for these countries.
Brits trying to migrate into those countries are a different matter, though.
Disclaimer: I'm Spanish and I consider the Brexit a bad thing both for the UK and for the rest of the EU, but the 'visa for tourists' argument doesn't make any sense.
"...all the people from the UK have to start filling out visa applications before they go on holiday"
To the best of my knowledge, none of the countries you named requests visas from tourists, for quite obvious reasons.
Am I the only commentard here that considers the chain mail part far more worrying than the tabard with the flag?
"The Indians in Mumbai must be laughing their collective asses off."
From the looks of it, the exam was probably outsourced to India.
Ooppss. After writing my comment, I noticed that Steve Davies had written a similar comment before mine.
"...users consent granted in the EULA does not stop it being utterly irresponsible and dangerous."
EULAs are not the word of God, at least in the EU. Abusive clauses, both in EULAs and contracts, can be challenged in court and invalidated. In some extreme cases, the whole contract can be invalidated.
One of these days, Microsoft will suffer The Mother of All CALs and pay dearly for all this GWX crap. The sad part is that when (if) that happens, Satya Nadella will be already retired and enjoying his bonuses!. :-(
Both options aren't mutually exclusive!.
"someone who could be a person's identical twin down to voice, speech, and motion mannerisms can pass for you on a given night?"
It all depends on how tight are the tolerances for the biometric measurements. My bet is that said tolerances won't be tight at all, due to things like ambient noise, variable light levels & light colour, hairdos and dyes, glasses and sunshades, ...
If that's the case, probably any chap superficially resembling you and able to modulate his voice to more or less sound like yours may be able to unlock your phone.
Going on a leg here, but my guess is that they're either blue or UV floodlights. It probably helps them to detect leaks or biological contamination.
... on Western democracies? ***shudder***
I mean, the Chinese didn't invent this shit, did they?
"...assist in ensuring that we fully understand the intention behind the recommendations you made in your review."
Wut??? Did this Penning guy even read the report before sending his first letter?
And the two paragraphs in the yellow box in the article, they're the most convoluted and complex way of saying ·"Yeah, I screwed it, sorry." that I've ever read!.
Well, the guy is some kind of politician cub, isn't he?
"The UK runs down 0.002% of it's population under the age of 19"
No. The UK runs down 0.0027% of its TOTAL population.
"The USA shoots 0.0008% of it's population under the age of 19."
Let's see... Estimated deaths of children and teens by gunfire in the USA: 2600.[/] Number of Children and teen in the USA = 83 millions.[=] 0.0031%
Your figures are fucked up!
And for those who think that weapons in the hands of citizens help curb crime: Number of Firearms stolen in burglaries every year in the US = ~250,000.
I see it more as people wising up -a little bit- on online security, at long last.
Android at least has several competing appstores. For now. ;-)
"Our history is a fairy tale, sprinkled with a few decorations of truth"
That sounds more or less like History as depicted by Hollywood!
That was insightful!. I could try that when MS stops forcefully pushing the Windows 10 'update'.
Q4: Does it use an Open Source, strong encryption system when communicating with other modules in the system or with the outside world?
Q5: For how long will the manufacturer keep sending security updates to the device?
Q6: Has the manufacturer signed a written statement promising not to remove any features of the device?
Q7: If some services or features depend on external servers controlled by the manufacturer, for how long will they keep said servers running?