Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

adespoton

@adespoton@lemmy.ca

This profile is from a federated server and may be incomplete. Browse more on the original instance.

adespoton ,

And only some e-bikes have a built-in cell phone.

adespoton ,

Why exactly does vehicleprivacyreport want my VIN instead of year make and model? That’s me giving an unvetted third party website the unique tracking token for my car….

adespoton ,

Theoretically, the SIM has its own MAC that’s used for routing on the cellular network; however, the network is required to route 911 calls even without a SIM, and that’s done via IMEI.

adespoton ,

The difference is that my ad blocker is quick and painless to set up, where TiVo involved some capital and planning.

adespoton ,

I remember when I had to set my VCR to record a program I wanted to watch; if YouTube gets that bad, I’ll just do the same thing; pre-record the video stream and skip the commercials.

adespoton ,

Perplexing.

adespoton ,

Once upon a time print shops would only accept files in Quark Xpress format. Eventually, they came to accept InDesign documents too. They have licenses for the software and workflows and toolchains set up to integrate those files into their existing prepress and press systems.

LaTeX is purely for academic markup for postscript printing. VivaDesigner and its kind? Only niche and hobby layout and print.

That said, I only share in PDF now, so I use other software for the layout phases and don’t care that it isn’t portable to other shops.

adespoton ,

I miss the roflcopter.

adespoton ,

It’s in the article; newer gen chips will have extra DRM that will prevent the hacks from working.

Oh, you meant when will the anti-hacks stop?

Bless your heart….

adespoton ,

Ah; but do they have plans /not/ to phase out v2?

Because if they don’t, phasing it out will eventually be the easiest way to maintain their codebase and performance.

Token2 is an open-source Swiss FIDO2 security key that brings innovative features at a cheaper price (www.token2.ch)

Token2 is a cybersecurity company specialized in the area of multifactor authentication. Founded by a team of researchers from the University of Geneva with years of experience in the field of strong security and multifactor authentication. Token2 has invented, designed and developed various hardware and software solutions for...

adespoton ,

Dual PIN is a great idea; I’d also love an emergency PIN that invalidates the token silently (so you can enter it under duress).

adespoton ,

I guess my suggestion wouldn’t be useful then… I was a GrandCentral customer in 2006. When Google bought them I became a Google Voice customer and still am. It’s been convenient to have the same US numbers for 18 years. I wouldn’t run anything private through the service though.

adespoton ,

Indeed. If true, it means Apple’s technology doesn’t work the way they claim. Which is a really big issue.

adespoton ,

Not quite; the contents all go in a bag labeled “trash” — someone still has to remove it from the locker.

adespoton ,

This isn’t helped by most websites reinventing themselves every couple of years so the old links 404 even though the content still exists.

adespoton ,

A train is a collection of rolling railcars propelled by one or more locomotives. These are individual self-powered railcars.

So no, there’s no train here. Just monorail pods that will get congested as density increases.

The whole concept of a train is that all the cars move together and the only congestion is at the switching yards, where it can be optimized.

adespoton ,

How else are they going to win the rail pod challenge?

adespoton ,

Anything faster would be a safety issue.

adespoton ,

I drive a hard bargain.

adespoton ,

You cross posted twice?

adespoton ,

If you use it for everything, when you use it ceases to be useful information for data gatherers.

It’s why companies have data retention policies. That way they can’t be accused of intentionally destroying data to hide things, because they destroy ALL data like that.

adespoton ,

I’ve used it to tweak a speech I was writing to make it more appropriate to my intended audience….

adespoton ,

The company I work for has acquired a number of small companies over the years; the result has been a mixed bag. In one case, the original product and employees were dropped completely, only retaining the IP. In a number of other cases, the original teams and products were kept intact with cross-over between products plus a huge boost in funding and customers over the years. In most cases, the companies were absorbed into existing management structures and the employees and technologies deployed inside the existing product line, sometimes with a few things that didn’t match the company strategy sold off or spun off into their own company.

Personally, I consider all the acquisitions except the single case where everything was abandoned to be a success; in that case, the exec in charge of acquisition was made redundant when everything else shut down.

adespoton ,

He sounds like a professional fall guy to me; who hired him? I bet THEY were the real ones to blame for what happened.

adespoton ,

I saw a user’s hash just this week — it was in a ransom note. They required their victims to sign up for the service and text a code to their userhash to kick off sending the attacker cryptocurrency so they’d send a decryption key and not make stolen data public.

Other than that use case, it hasn’t picked up many users that I’m aware of.

adespoton ,

So? Tor is in a similar boat.

Government agencies need secure crypto to hide their activities, and it doesn’t work if they’re the only ones using the technology.

adespoton ,

Not to mention, SMS was removed because it’s inherently insecure at every level. Keeping it would mean there’d be an insecure side channel into the protocol. While it’s a useful onboarding mechanism, it can also be abused — and was. So eventually it got removed to prefer privacy and security over convenience.

adespoton ,

Anyone have a TL;DR?

This sounds like you’d have to spend a lot of time managing it and that you’d have to trust the people you know for it to be private.

My rule has always been: everything should be done anonymously online unless you want everyone (including automated dragnets) to know about it.

Israel Deploys Expansive Facial Recognition Program in Gaza (www.nytimes.com)

Within minutes of walking through an Israeli military checkpoint along Gaza’s central highway on Nov. 19, the Palestinian poet Mosab Abu Toha was asked to step out of the crowd. He put down his 3-year-old son, whom he was carrying, and sat in front of a military jeep....

adespoton ,

Oddly, it sounds like the facial recognition actually worked. Most such systems have a huge FP rate, so are useful for narrowing the search but not dependable for identifying that someone in footage is actually that person.

The problem here is more the intel backing it and the actions taken as a result; it sounds like the actual use of the tech is being done in an appropriate manner to account for potential FPs.

In other words, the problem is persecuting and killing Palestinians and equating alleged association with guilt, not with facial recognition tech.

adespoton ,

Can you though? LS now operates in user mode, which means it can no longer block traffic sent to Apple via a kernel thread.

It’s all a bit pointless though, as a LOT of hardware now calls home as well, and it doesn’t matter what OS to run on top of it unless you’re running something like TempleOS. Vanilla Linux is not going to protect you by itself. And if you’re using a repository system for software updates, that’s going to be reporting your software too — and many web browsers also report the URLs you go to (or even consider going to) and what extensions you have loaded.

But that article points at a solution for macOS users: it’s the certificates that are being checked. Any non-bog-standard software I run is not notarized or signed, and it functions just fine and has nothing to send back to Apple’s servers. First time I run it I need to right click and select Open to run the app, and this bypasses the entire signer system.

adespoton ,

And this is why you never ever use ISP DNS, run DNS over HTTPS in the browser, and always use encrypted networking.

And use VPNs appropriate to the activity, when appropriate.

Oh, and never turn on ISP-supplied WiFi, as that gives them full access to the traffic from every device on your LAN, what physical hardware you own, and even where it is located in your home (and when it leaves and comes back to your home).

adespoton ,

Was just going to say… my phone has 512GB storage and can do direct WiFi file transfer to my computer without a hotspot. All without using the mobile hotspot feature.

adespoton ,

That’s not going to get you the job.

I’d just go with “I’m sorry; most people don’t have the appropriate security level so I don’t write those jobs down. What’s your clearance level?”

You can always follow that up with “I worked for a shell corporation that we stood up for the job and dissolved when it was finished. You won’t have heard of it.”

adespoton ,

Is it a problem though? Old versions of VLC still work fine; I have it on my iPad 2 but haven’t updated it in over 5 years.

Old hardware doesn’t have to worry about security updates because it’s already insecure. So unless VLC stops working, I don’t need updates. And it’s not like my iPad is capable of playing HEVC 4k HDR video anyway, so new codec support isn’t a problem.

adespoton ,

My point though is that if you’re running the old device without appropriate lockdowns, it’s already leaking like a sieve. It’s been at least five years since the corporate perimeter has been considered more than a minor line of defense, specifically because there are so many pieces of equipment long out of security patch support (if they ever had it) that can’t be trusted.

And ransomware actors don’t bother with the printer; they get in via phishing emails and misconfigured routers and remote access tools — because it’s too much work to target the printer when there are juicier targets.

Although there’s been a recent push towards credential management compromise, and if you’ve got an iPad 2 connected to an Apple ID that also happens to include an iCloud keychain with your Exchange server credentials on it….

adespoton ,

This is most likely the culprit. On my work computer I have regular powershell scripts set by IT that run regularly to manage profile settings, push updates, etc.

adespoton ,

They’ll know which adults visit porn sites without a VPN anyway.

Kids are and will be significantly more creative.

adespoton ,

Artemis seems to have been embroiled in ownership disputes for millennia… just ask the people of Ephesus.

adespoton ,

I allow USA Today to speak freely, including speaking their ad frames and images.

But that doesn’t mean I’m compelled to listen to everything they say.

USA Today: speech isn’t free if I’m forced to listen to it.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • incremental_games
  • meta
  • All magazines
    •