Even if you assume that's an accurate comparison, then if the private key leaks, you're in exactly the same position as you would have been in if you'd not used a VPN in the first place. Neither your comment nor the article suggests any way that your security is weakened by using a VPN. As I noted before, a lot of people overestimate the protection provided by a VPN, and pointing out what it doesn't do is perfectly valid. Claiming that it undermines - IE weakens - your security in comparison to not using one at all is simply false.
There's a lot of misinformation and exaggerations about VPN. VPN's do nothing to stop websites and companies tracking you as you browse the web. They don't make you completely anonymous. If you suspect that the CIA or some other corrupt agency with government backing is coming after you, VPN's can be a small part of a comprehensive security in depth strategy but by themselves they aren't going to do a whole lot to protect you.
But that doesn't mean they're useless. I'm seeing a lot of articles like this that pooh-pooh VPNs by pointing out what they don't do, without really addressing what they DO do.
This is like an article that points out that a dead bolt doesn't prevent anyone from picking up a rock, knocking out your window and crawling in your house with a title of "Researchers again show how dead bolts quietly undermine house security."
That might be true - if they were a new upstart. https://www.pappas.com/about/us/ "The Pappas Brothers opened their first restaurant in 1976..." They've been using the name for 45 years.
I don't think this was a particular egregious case of trademark bullying. They are clearly in the same business, and the names are close enough that if both had a restaurant in the same city there'd be a real chance of confusion. I suspect they probably were aware of Pappa's but were willing to ignore it until Pappa's prepared to register a trademark and explicitly brought it to their attention. Sure, they could have just opposed the registration and not demanded they stop using it, but lawyers gonna lawyer.
Damn. I hate to see this scumbag back on the streets. I'd like to see him thrown under the jail until he rots. But legal protections protect the guilty as well as the innocent and there's no way to avoid that. Hopefully, he does something stupid again and gets what he deserves. Meanwhile, the rest of us still enjoy some protections against police over-reach.
I think there's definitely a place for this, and it's something I strongly support, but I don't believe it's a complete solution. Part of the problem that YouTube and other sites are struggling to address is control of propaganda, hate speech, etc. For one example, third party filtering might be able to ensure that I don't see anti-vax videos that are resulting in children being sickened, but it does nothing to address the anti-vax movement using YouTube to spread their messages to those who are receptive to it.
A documented Telnet capability with documented default account credentials isn't a backdoor. An undocumented default account or an undocumented Telnet capability, particularly one that isn't visible or obvious in the default GUI configuration tool, is a back door. The existence of a backdoor doesn't mean it was either intentional or nefarious. It might very well be a mistake. Bloomberg's accusation looks to be premature and overwrought, but Vodaphone's response is something of a non-sequitur. There's also nothing about the telnet protocol that makes it inaccessible from the internet, and it's absolutely possible to use the telnet protocol as a backdoor. Without additional details - was telnet ONLY enabled on internal interfaces, was there undocumented accounts, etc. - it's not possible to know what was going on here.
" It's a phrase that's irritated actual free speech experts for years..." Then those so called experts need to get a friggin' clue. Yes, you can shout "Fire!" in a theatre if the place is actually on fire or if you're in a play, etc. You can shoot someone if they're trying to shoot you first. Hell, you can even drop an atomic bomb on a city if you're in a war and have been legally ordered to do so. Outside of physics, nothing is absolute. The phrase clearly refers to causing a panic by falsely convincing people their lives are in danger when they are in fact not in danger. If you object to that, your pedantic ass needs to get a life.
Yep. You're absolutely right and I'm well aware of it. What Tesla did absolutely should NOT be illegal. But that doesn't change the fact that Tesla artificially limited what the vehicle was capable of doing for no good reason in my book. They couldn't get get enough 60KwH batteries? Guess what, customer, you got lucky and got extra range due to our problems with our supply chain! That would be the decent thing to do. What Tesla chose to do instead was scummy and reflects poorly on them in my view, even if they were allowed to do it.
I don't have an issue with this one. Tesla isn't controlling what you can do with the car you bought. They're controlling what you can do with THEIR Superchargers. Big difference. The other issue - giving extended range - I find much more troubling. First, it's completely absurd that they can update your car without asking your permission. Second, the fact that they're artificially limiting the range is equally absurd.
Largely agree with you but have to pick one nit: Google didn't have a better idea. They had a better implementation of the same idea. Ideas are cheap and worthless. Implementation is the difference between success and failure.
I think one of the things missing from the discussion is how shallow the relationships are. If you base your relationships on how someone looks rather than who they are, then you will be sorely disappointed at some point as they get old and ugly, like just about everyone does.
The discussion doesn't say that the relationship is based entirely or even largely on physical appearance. It simply says that the physical attractiveness within the relationships tend to be symmetrical. In order to develop a deep relationship based on something other than physicality, you have to get to know someone. But before you can get to know someone, you have to meet them. And if everyone you meet (off the dating site) is reasonably close to your own attractiveness, then the only people you have a chance to develop a relationship with are inevitably going to be similar in attractiveness to you.
ANY SMARTPHONE THAT IS MANUFACTURED ON OR AFTER JANUARY FIRST, TWO THOUSAND SIXTEEN, AND SOLD OR LEASED IN NEW YORK, SHALL BE CAPABLE OF BEING DECRYPTED AND UNLOCKED BY ITS MANUFACTURER OR ITS OPERATING SYSTEM PROVIDER.
Apple could now commence selling smartphone kits.
The user then becomes the manufacturer and so is thus only one who must be able to decrypt it.
What the hell does it mean to "decrypt and unlock" a cellphone? What if I can install a 3rd party app that securely encrypts my data. Is that phone still illegal? If so, then isn't ANY cell phone illegal to sell?
If not, then what if Apple (or anyone else) sells a cell phone with a minimal OS that includes no encryption at all, and, after the purchase is complete, offers a downloadable upgrade that installs a highly robust encryption feature? For that matter, they could provide a service to upgrade the phone at the Apple store as soon as the cash register ring echo dies away.
To be clear, Gemal is claiming that the SIM keys were not compromised. They say that the hacking was of their office network and that the sim keys were not stored on that network at all, and that there is no evidence that the hackers breached the internal network where the keys are stored. They may very well be lying, but their claim is not that someone else having the data is harmless; they're saying no one else has the data.
Either way, the state gets to keep the assets of a citizen. What about that doesn't smack of asset forfeiture?
What doesn't smack of asset forfeiture? Pretty much everything. I'm not in favor of this specific change to the law but there's a HUGE difference between this and asset forfeiture. If you're driving without insurance, you're breaking the law, and it is, in principle, a reasonable law. If you cause a wreck and have no insurance, someone else gets to pay for the consequences of your bad decision. The law is intended to protect the innocent victim. I have no heartburn with the general principle of having a law requiring automobile insurance if you're driving on a public road and with having reasonable consequences for breaking that law. If you're caught speeding, you get fined. You pay the fine and guess what - the state gets to keep your assets. That's how fines work. It's the inherent nature of a fine. The problem with asset forfeiture is that you don't even have to be breaking the law, and there is no reasonable way for you to contest the issue. If asset forfeiture laws required that you be charged and convicted with a crime before your property was permanently confiscated and that the relationship between the assets being forfeited and the crime was reasonable (ie you don't forfeit your house for selling a dime bag), then I'd have much less heartburn with asset forfeiture.
The very thing that was attacked in France is now being attacked by France, though obviously with litigious weapons instead of firearms. This isn't to suggest any moral equivalence between the two, of course, only that free speech is one of those areas where you're either for or against.
Why wouldn't you suggest a moral equivalence? In both cases, the assailant uses force to impose silence on the victim, justified by the claim that they're specially privileged in being authorized to use said force. One claims a special disposition from a deity, the other is a member of a group (government) which they claim has special disposition. Granted, one tends to use deadly force a bit quicker but I'd call that a difference in degree of application, not a fundamental difference in kind.
I think a better question would be are we even able to draw the line? The only way I can see of drawing the line is a nightmare scenario of outlawing any research coupled with draconian enforcement and even that's almost certain to fail. The technology will be developed, information about it will spread, and it will become easy and cheap enough that individuals or small groups will be able to put their own lab together in secret if desired. How the hell do you draw a line around that?
That depends on what you mean by "breakable." Many of the current algorithms are essentially unbreakable in that if you had every computer in existence working on them it would still take longer than the existence of the universe to brute force them. Whether this results in absolute security, however, depends upon a large enough key, the key being random, the software implementation of the algorithm not containing exploitable bugs, etc. Those are mighty big assumptions. But if you're reasonably smart about crypto and use reasonable practices, you can encrypt things now and through the foreseeable future which neither the NSA nor anyone else will be able to read by breaking the encryption. That doesn't mean the NSA won't get your communications, however. A key can get compromised. In order for your recipient to read the message, they have to decrypt it and the system doing the decryption can be compromised and the plain text exposed. Etc. In other words, there are many avenues of attack other than just breaking the encryption and the NSA is quite good at all of them. So if you're saying that any communication can conceivably be compromised, then yes, I agree. But if you're saying that any method of encryption can be directly broken given enough computer horsepower, then I'd strongly believe that to be incorrect. If it IS correct, then the NSA has made some startling and revolutionary advances in the field of mathematics which would shock the world.
For whatever it's worth, I'm a network engineer who's set up a large number of IPSec connections and I strongly concur. Additionally, I'm really curious as to the details of cracking SSH. I'd be willing to wager that the sessions they're able to crack use small key sizes.