Posts by Crisp 2852 publicly visible posts • joined 16 Jan 2012
We just want this one little tool. We'll only use it against terrorists we promise...
... Oh, and paedophiles ...
... and copyright infringers ...
... possibly against parents that might not actually live in the school catchment area that they say they do ...
I would imagine that there's some way to disarm the bombs and make them fail safe, but is there really any way to do that when the main rocket motor fails and the whole kit and caboodle comes hurtling down towards Earth closely followed by 77 tonnes of rocket fuel?
Which is exactly what will happen if governments pass a law allowing them to decrypt whatever they want whenever they want. That master key will be very quickly discovered and then disseminated through the internet.
And once that can of worms has been opened it will be impossible to put the genie back in the bottle.
Does the USA even have the manufacturing capability for Apple to just up sticks and move their entire manufacturing process to america?
Do they even have large scale microchip fabrication facilities over there? Are the hard drives made in America? Will Apple be able to source screens from an American manufacturer?
Will Mr Trump be paying for all this himself?
Thanks to two factor authentication my bank knows exactly who I am. Thanks to the wonders of encryption I can be fairly sure that no prying eyes can read the contents of my transmissions.
If banks can do this kind of thing for online banking then why can't the government? It's not even hard! I think even Blizzard use a similar system for protecting it's users too. If it can be done for video games, it can be done for the DWP.
Adding my voice to what Guus has said above;
Why aren't VTech being held accountable for this? They've not lost anything trivial like their customers bank details or their credit card information. They've practically left the door open for hackers to walk off with the unencrypted details of over 6,370,000 children.
Craig Jones advising consumers to follow cyber-security advice is a poor sop to angry parents that have done nothing wrong and are quite rightly concerned that their children's details are out there on the internet and available to people that might not have their childrens best interests at heart.
You can follow all the cyber-security advice you like, but it will do you no good if they company storing your data gets breached.
What are the parents of these 6,370,000 children supposed to do? Move house and change all their phones? What deterrent will be put in place to remind companies that our data is valuable to us and will cause us a material harm if it is not kept safe?
The really scary thing is that their algorithm is predictable. From what I gather from the article, from a single card number, you can predict what the replacement card number and expiry date will be.
So all I have to do is steal your card, wait for it to be reported lost or stolen, and then I can quite happily start spending money on your replacement card. I don't even need to know the pin. I can just pretend to swipe a dummy card with that gadget in my palm and just put a signature down.
Whoever implemented that algorithm needs to be sentenced to life at an Amazon warehouse.
If someone sells me a lock for my front door knowing that it can be opened with a screwdriver, then they haven't sold me the secure lock that I thought I'd bought.
It's high time that manufacturers were held accountable for the security holes that they leave in their products. These issues cost real people time and money to fix, and they can be so easily avoided with a little bit of diligence.
The idea isn't to do all my surfing using TOR.
The idea is to soak up my excess bandwidth with a lot of extra data by running a TOR relay node. This then provides The Powers That Be with an awful lot of encrypted chaff to separate from my encrypted wheat.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
