Really sad part is you can actually show proof from the last time we had this debate. I can't remember all the details but there was a vulnerability in browsers that was found recently but was a holdover from last time we had this debate.
The issue is that you can show these guys actual hard proof of the damage they are trying to cause and they will just wave it off. They are messing with systems they don't understand and they choose intentionally to not understand.
Is it just me that really questions the idea of pimping your car out to random people?
Sure you car can go drive people around while your at work and then come to pick you up at the end of the day. So long as you don't mind the lovely mix of vomit and other bodily fluids all over your car. That is if your car even makes it back.
That would sure make things easier for the chop shops wouldn't it. Just hail a car, disable it, load it up and go. Really cuts down on the risk when someones car will come to you in a nice empty parking lot for you to steal it.
Well, from what I understand, anything you share with Microsoft you give up privacy rights to. So anything your computer sends to them the Government can ask for without needing a warrant.
So.... When you use their full disk encryption and Microsoft "backs up" your key on their servers..... Yeah, after all that has come out about the NSA just try and argue that they aren't making copies of all those keys. If you can do that with a straight face then you have a bright future in politics.
Also lets not forget that the FBI can "neither confirm nor deny" listening in on amazon echos. So yeah, sure they are not listening in on Cortana.
This comment really makes me hope that someday soon people will get together for one of the most epic protests ever. I can just imagine a huge protest with few thousand people marching out in front of some government buildings before all bending over and mooning them.
I love how these people also so quickly overlook history. The way I look at it, the second amendment is there for pretty much one reason, to keep the government fearful of the population. The founding fathers had just fought a war against the most powerful nation in the world after all. Pretty sure the abuses of governments were at the front of their minds when writing these things.
Now you give the government the power to take weapons from anyone they want just because they feel like it... no due process or trial... well you just destroyed the point of the second amendment. Anyone who shows any resistance to those in power will end up on the list and guns taken. Then later maybe they will just use the list to round up these "terrorists".
That email certainly does make these guys look amazingly stupid. I can understand that if I had a system with highly confidential information on it, and it was under attack, first response might be to shutdown, but as soon as that shutdown command was sent I would be working on ways to block future attacks and not turn the server back on until my systems were secured better.
It is amazing anyone in an IT position would be stupid enough to go for the "We will just shut down and hope they go away" method.
As someone who has been excited about this tech for years before Rift even started on, I find this kind of thing so extremely frustrating. I have a head mounted display from the 90s. Used to play the original Unreal Tournament with it. I LOVED it back then but the draw back was horribly low resolution due to the LCD technology of the day. They couldn't make a high resolution screen that small.
Now take a moment and think about that. I had something like the Rift 20 years ago. This stuff is not at all "new" it is just that finally some companies are starting to build it for the mainstream.
What really makes me furious is that I have been waiting for these devices for around 20 years, and now these morons are trying to fuck it all up? Finally we are going to have somewhat affordable VR gear with actual VR software instead of poorly hacked games, and these morons are trying to kill the adoption of it with stupid DRM bickering and mistreating their most loyal fans?
I would first like to point out a few things stated by Yubico's engineer.
"We have both internal and external review of our code to ensure that it is secure." ....... "The bug was inherited from the upstream project which ykneo-openpgp is based on, and was NOT detected by any audit of the source code."
Ok... So they did audits on the code and DID NOT FIND THE BUG, but hold on, they are talking about the bug right? So where did they find out about it?
"It's important to remember that open source code is no guarantee that bugs/vulnerabilities will be detected as the bug you've linked to demonstrates quite well."
To me it sure sounds like having some open source helped, or maybe I am reading into this a bit too much?
Either way, The point of open source is not necessarily that everyone has to audit the code themselves. The point is that anyone CAN audit the code. This means you have a lot more than two small audit groups looking at it. It also makes it MUCH harder to hide a backdoor or anything of that nature. If you add bad code then your auditors that you are paying will ignore it, an independent security researcher auditing the code will not be so kind.
They kind of bring this upon themselves. I'm trying to remember what I was looking for, but a while back I tried looking something up and found what looked like a useful paper on the subject. I then found it had a $31 price tag for the one paper.
I can remember when the Echo first came out. Clearly remember hearing about the features and all it could do. For a second I was excited by the possibilities. Then reading on I get to the part talking about being able to pick up anything above a whisper from across the room even while music is playing, and all this is analyzed by your friendly Amazon.....
My mind shifted gears so fast it hurt. From "Dude this sounds awesome" to "NOPE NOPE NOPE".
"This fee helps defray costs associated with building and maintaining CenturyLink's High-Speed Internet broadband network, as well as the costs of expanding network capacity to support the continued increase in customers' average broadband consumption."
What I would then love to see is an independent audit of their books showing that every cent of that fee was used to pay for that and nothing else.
"The FBI is very good at keeping secrets, and the people we bought this from, I know a fair amount about them, and I have a high degree of confidence that they are very good at protecting them," he said.
Well yes.... I bet they are "good at protecting them", in the same way a gun store is good at protecting their products. That says NOTHING about how willing they are to SELL IT again. We already know that who ever it was didn't do this out of some "civic duty" or something like that because he says the exploit was bought. So I'm supposed to believe this mystery individual won't pad his pocket some more by selling to other interested parties?
The one thing that I keep seeing mentioned is that using the built in random function is not really random. This is indeed very true. The thing is, who is saying they actually wrote anything better? You assuming that almost $50k was used to make a more truly random system.
I for one would not be shocked is that app just uses the built in random number generator everyone is complaining about. I would love to see a study showing how well they did at really making this random.
This really makes me wonder about how companies would handle android phones, because someone could easily buy the phone and install a different ROM and lock the phone so the manufacture is not able to get in.
How would this be handled under this law? Would they be ok so long as they could bypass their official ROM? Or would they have to promise to be able to get into others too?