Re: Whilst I don't have anything to hide...
Simple. They hack the baseband processors, below the OS and anything you could touch. And it can work on feature phones, too.
16605 publicly visible posts • joined 10 Jun 2009
I've been sticking with Note 4's. Still have the one I got about a year ago and got one for a good friend recently to replace an absolute dinosaur. It's the biggest Samsung phone that ticks all the boxes for me. I've since removed Qi charging from my list since I learned it raises serious heat issues that causes battery problems.
"And don't get me started on how little love I had for them when they rolled out whichever version of Android it was that messed around with the SD access permissions for third-party apps."
Don't blame Google there. IIRC it was the same version that allowed for encrypting the storage devices to allow a Lock-and-Erase that was actually effective. With that in place, Google discouraged app devs from using external storage (less likely to be encrypted) as a security measure. I actually DO encrypt the internal storage on my phone to take advantage of this.
These days, internal storage is enough to store all the apps I would ever need. As noted, I keep the external card (unencrypted , in case of Murphy) for low-priority stuff where its security isn't really an issue (after all, who cares if my media collection is stolen; it's just a copy).
Unless the SD is just full of low-priority stuff like media files which are easier to pass from phone to phone as you progress. And that still doesn't excuse the lack of removeable battery, which based on firsthand experience is a serious longevity and safety issue. Having pulled out plenty of bulging batteries in my years, I've made it a prerequisite.
But absolutely useless against "Outside the Envelope" attacks at points where the contents MUST be decrypted (such as during display since the Eyeball Mk 1 doesn't directly grok encrypted data). That's what the article is describing: "Outside the Envelope" attacks.
Quality was why Betamax won in the professional market. You could find Beta machines in plenty of TV studios for that reason. Price was less of an issue there while generational preservation was.
As for stereo, I recall VHS had an easier time getting Hi-Fidelity sound onto the tape (especially in NTSC recordings) which is why they got an edge in sound and another reason VHS won that generation's video war. By the time Beta had a suitable answer, the war had pretty much run its course.
Funny. I keep FF up for weeks at a time without an issue (have to keep a window open to keep an obscure, slow-to-reload page active), and I only have 8GB and a Core i5. Oh, and it's only using 500MB, with two windows (one Private) and multiple tabs active. WITH numerous Add-ons active including NoScript and uBlock Origin. Does it matter that it's v54 (32-bit)? And as for the interface, I frankly don't see what all the fuss is about. I LIKE the Hamburger menu, I reload with the keyboard, and if I need the regular menus, a quick flick of Alt opens it right back up. Ever tried to print a webpage from Chrome? It doesn't use the OS-standard print dialogs.
And no, I'm not a shill or anything. I simply, honestly and truly, prefer Firefox to anything else. Nothing anyone else has said has convinced me otherwise.
And then they get flak for pwnings that occur BETWEEN the Patch Tuesdays, some of which are SO severe (and already in the wild) they're forced to scramble to issue an Out-of-Band patch. Putting you in a vice: break your machine or get pwned. And let's not forget all those people who wouldn't update even if it meant their lives (or livelihoods); they've demonstrated an inability to stay current, when self-preservation doesn't work, you're forced to use other means (and no, you can't use Darwin since that would bring with it collateral damage which could end up boomeranging back to YOU).
"It's a bit like helmets and seatbelts. I think they are a good idea and that everyone should wear one, but I also think you're all big kids and if you want to take a chance, it's your life."
NO, because no man is an island, and your life has an effect on everyone else, so disregard for oneself is by extension disregard for EVERYONE: bad for society.
They can't because there ARE things for which high-ups will reply, "But it's the ONLY way we can administer our stuff!" because people like Cisco (Identity Services Engine) don't offer alternatives on their dime (and since this is high-end enterprise stuff, they're expensive, too). You'd be cornering these firms who got the stuff long ago in good faith; they can't use Flash in an environment where they MUST use Flash.
Then what happens WHEN (not IF) a program you ABSOLUTELY need ONLY works on Windows (and let's say ONLY Windows 8 and up for "security reasons") and (due to its purpose) MUST be online? I mean, why can't game developers see the writing on the wall and code for a united flavor of Linux, for example (because for every working headliner example you can cite I can probably name at least two that won't and probably never will like Fallout 4).
But what about people with bad memories who suddenly need to get into their routers and can't...because they forgot the password? The problem with your solution is that you have to account for stupid who will still complain if they can't get into the stuff they bought outright with their own hard-earned dollars tout suite.
That's just one application of the word, but in general an oxymoron is a description that is self-contradictory. Such as "a regular abnormality" (since something abnormal, by definition, can't be regular) or a "squared circle" (since a circle, by definition, has no corners).
There's no limitation on the right of free speech written in the 1st Amendment, either, yet the Schenck decision found one anyway, implied, in that you can't use speech to deny the rights of others (the "Fire in a Crowded Theater" test). Since ANY large assembly of people raises the inherent potential to wreak havoc (the more people there are, the less chance any one will own up), there are laws in place to control such assemblies: laws which have survived challenges due to the need to protect the freedoms and rights of non-assemblers.
More like fear of being unable to get it back. Given the ephemeral nature of all things Internet, some of us are of the nature we should hold on in case things start disappearing, much like those viral videos that then get cut off at the source. You know what what say; better by far to have something you don't need than to need something you don't have.
Definitely worth considering if the original drive wasn't that big to begin with, but as mine is 1TB the price tag for a replacement my size is still probably going to be too high to tempt me. And that's just the main drive. Large program and/or program data collections are still going to have to hold out on rust for the time being.
Sounds all nice until the real world butts in. You know the old saying, "Good, Quick, Cheap. Pick any TWO." Problem is, the bean counters and higher-ups usually call dibs on the Cheap and Quick, figuring paying for the occasional flub is less than doing it Good. Leaving you kinda backed into a corner.
But how much value? Knowing the message is compromised probably won't mean much if someone else knows the compromised message and because of this can preempt your intended goals.
If you REALLY want to get the message without the target knowing, then you need to take the "outside the envelope" approach and simply snag the message in a phase where it MUST be decrypted.
systemd
with faint praise
"Please explain. After paying for food here over rather more decades than I care to think about it comes as something of a surprise to find I never owned it."
Think about the old adage about bad beer; you don't BUY it, you just RENT it for a while. Similarly for food you eat; you don't buy some of it it because most it doesn't stay inside: leaving eventually one way or the other.
"I would argue that it wasn't "init" that needed replacing, it was "rc"."
I was going to say, replacing the idea of fixed numeric runlevels with names (which can still be numeric) could at least be seen as a gradual progression (nothing too different from what's being used now, after all) and would allow the introduction of configurable flexibility (more than 5 runlevels if need be, or less if you want to KISS the system some).
IOW, gestalt faults (or gestfaults, for short). Things that never show up individually but crop up when put together (the whole is worse than the sum of its parts). And that's another potential fault point for a process chain: "trusting the welds", so to speak, since you can't be sure the two programs were built by the same teams with the same goals and same philosophies and expectations. If they don't, and they don't explain everything, an edge case can hit where the sender sends something the receiver doesn't expect.
"Don't sign contracts based on the people you're dealing with at the moment."
Problem is, we're not prescient. I don't think anyone could figure Toshiba as a whole would get into so much financial trouble so quickly. It's sorta like finding out a millionaire had turned penniless overnight over something that seemed like a great idea at the time. Or a close teetotaler friend having just one night of drinking and suddenly ending up with a legal mess worse than the Gordian Knot, including a gruesome DUI-based Vehicular Homicide charge.
IOW, some things you just CAN'T anticipate or you'd go insane.
That probably wouldn't count as that would be considered two different formats of the same thing. One not intended for permanent storage.
OTOH, most programs MUST be stored to be usable. It's like with Microsoft and Windows in the past. HOW you got the copy wasn't as important as whether or not the KEY you have is legit.
"I think JavaScript strings are UTF-16 internally. I don't think it could be done any other way."
Agreed. It's unfortunate, but not everything can be of uniform length. It's up to the user to handle edge cases accordingly. For example, if the string is expected to use mainly CJK characters, pad with the Idoegraphic Space (U+3000) which is meant for CJK typography. As for RTL languages, the main thing needed is consistency. As long as you keep the text uniform, just use the appropriate padding function. As for combining characters, Unicode already includes many precomposed characters, so this doesn't crop up as often as you think.
Yes, but what if your opposition is LOOKING for strange messages on the assumption they're up to no good? IOW, you not only have to hide the contents of the message but also the fact you're sending a clandestine message. There are only so many ways you can mangle the language in a public medium (and it's difficult to use extensive steganography, especially for a detailed message in a medium not under your control) before people start wondering. At least in WW2 there were codes being sent everywhere, including from overt official sources. Not as easy in a covert campaign.