Re: The other side of the argument
Unless, of course, they just hack LastPass itself, steal the contents, AND figure out ways to crack or hack them, which is not outside the realm of possibility. Then they can pwn you without hacking you.
16605 publicly visible posts • joined 10 Jun 2009
If they can pwn the point of entry, then any other kind of entry screening is moot since they still have to go through the point of entry. IOW, 2FA isn't going to work not because it's going to the same point as the pwned point of entry but because it'll have to go through the pwned point of entry anyway.
So you say all your dates (xxxx, mm dd)?
What about all the Hispanics and so on that say "dd de mm, yy" (or simply English who say "ddth of mm, yyyy")?
Anyway, the mm/dd/yyyy format is consistent with Americans and many other English speakers who say "mm ddth, yyyy".
The ISO date format is as much a mishmash of letters and dashes as any other date format. The ONLY reason it's so useful in computers is that it AUTOMATICALLY sorts dates chronologically if you perform a simple ASCII sort (to the second if you use the extended format which includes a 24-hour time).
"However, if any of your devices with KeePass gets hit by keyloggers / slurp-happy Malware, won't you be screwed too? Example: WAGS borrows your device in the car to look up directions to 'Hotpoint'. Hotpoint site gets compromised again... Game-Over, no???"
If a point of entry gets pwned, you're screwed no matter what. Things like KeePass at least make it hard to pwn you OUTSIDE the point of entry. If LastPass gets hacked, you can get pwned outside the point of entry.
"Well, I wouldn't hire you for any job that require a strong identity - such a person would be unfit for the role, sorry."
So basically it's, "Game Over. You Lose. Better Luck Next Life." How Spartan...
Ever considered the person doesn't have to work...because he or she is retired? Old people still need to be able to access their accounts and so on, and if the last local branch closes...
But guess what education helps to do? Condition the mind to be able to do what you describe. Even in the old days, the hands-on education of skilled trades and so on conditioned the mind to be able to think out of the box for the sake of their position (adapting to changing conditions). If OTOH everyone did things by rote...
And I'm sure you realize the obvious counter.
Many in India are POOR and likely have POOR education.
Meaning in a world of "Are, Know, Have", many in India neither KNOW nor HAVE anything of value. How do you handle an identity system when the ONLY thing of value you possibly possess is something you ARE?
Partly useless, because you can't fake PANIC. You can't fake a fire, and so on. Even the late Terry Pratchett noted it. IOW, unless people REALLY feel their life is on the line, they won't behave the same way during a drill as they will during an actual emergency. Practice isn't all you need, you ALSO need discipline: the ability to not panic when surprises DO come. Say detonate a flashbang once in a while nearby to condition people to react in desired ways.
But the point stands. What if the exploit is a gestalt, meaning it ONLY appears in a certain environmental combination and then becomes something greater than the sum of its parts? IOW, it's like planning for an emergency: the ONLY way to really know if the plan works is to have an emergency, with all the environmental factors that ONLY come from true emergencies.
There's more than one manufacturer, so there's no real supply monopoly, and since the manufacturers come from different countries (Taiwan, South Korea, etc.) with different economic incentives, they're unlikely to act in a cartel.
As for the carriers, there has always been a market for carrier-free phones, particularly in regions where common settled frequencies have been established like LTE Band III, allowing for easier carrier-jumping. Areas with more prepaid rather than postpaid carriers tend to encourage carrier-jumping and thus carrier-free phones. Even in America that trend is growing with increasing numbers of "Bring Your Own Smartphone" MVNO carriers. Most of the headliners for the past ten years or so have been offered carrier-free in some form, plus there was the iPhone which carriers were SO desperate to carry that they let Apple dictate terms for a while. So I doubt there's a real monopoly on the distribution end, either.
No, I think the real demand is strictly with the customers. Thin is in, and simplicity sells, thus closed-in slim phones win out over thicker and easier-to-grip phones with removable battery packs and expansion slots.
The existing iteration of "The Internet"
There, FTFY. The truth is, nothing known to man can ever be really secure as long as someone knows about it. Not even a One-Time Pad is proof against Rubber-Hose Cryptanalysis. The only true secret is one known to NO ONE and NO-THING (because the thing can be used by man to access it).
The problem behind the problem for (2) is that upgrades can be DOWNgrades, too. And if your software depends on something that WILL disappear with the upgrade (like support for the ISA bus which was dropped with Vista), then you're up against the person who's sworn to stand his ground to the death, meaning no carrot is more valuable than where he stands right now and no amount of stick will make him budge. The thing is that one size can't necessarily fit all and for some, there are higher priorities than anything you can provide.
"At the moment whois shows bbci.co.uk as registered to the BBC."
As I recall, bbci is short for "BBC Interactive" and represents the BBC's earlier forays into combining television and internet to create interactive programming. It's a legitimate domain that the BBC has had for about a decade or so.
But what if Z doesn't exist? It's like with medical equipment manufacturers still using outdated operating systems to stay legally-compliant. If EVERY site that has the W you need REQUIRES the use of Flash, then you're stuck with a Hobson's Choice (as in Take It Or Leave It). Some people may be willing to walk away, but for some it can result in collateral damage, such as not being able to use a piece of computer equipment for a job which means it'll have to be replaced (a more-expensive proposition).
An international company with no US presence couldn't be sued in the US due to lack of jurisdiction. Those kinds of cases usually go before the international trade courts which are a special case. Besides, isn't it normal for a company doing business in the US to have some sort of US presence for legal reasons?
It's the PUBLISHER'S responsibility since they're in the best position to know or figure out whether or not the piece in question is true or not. Anyone else would not be in a good position to know, especially if the content is exclusive. Besides, the LEGAL liability (under libel law) falls to them, does it not?
And the manufacturer is NOT your friend since you can't replace the machine: it isn't yours to mess with. Remember that infamous boilerplate: Breaking this seal voids all warranties and service agreements. It's basically an untouchable machine that's an integral (and to the manufacturer, inseparable) part of the six-to-seven-figure whole. And no, airgapping won't be an option since it has to be able to transfer the fruits of its labor, and a USB drive can pwn a machine just as easily as a network connection.
"Someone bought a GBP500,000 molding machine that is tied to an obsolete operating system?"
Yes, because the alternative was probably buying a GBP600,000 molding machine tied to an obsolete operating system. IOW, this is what happens when EVERYONE uses commodity stuff to undercut the competition and win contracts.