Comment Re: Complex Issue (Score 2) 72
Just because something is not directly internet connected doesn't mean it no longer requires security patches. That is very naive thinking.
Just because something is not directly internet connected doesn't mean it no longer requires security patches. That is very naive thinking.
Except for the fact that they already did it, so..... yeah.
Being able to make airtag-accurate tracking devices work globally from space without high power required (ie work for years on a button cell), without cellular networks required, and being able to make it look like an ordinary bluetooth device to blend in, *AND* being able to transmit other telemetry besides just location (such as sound), has very obvious military and espionage applications, not to mention industrial applications.
People in the replys point to Home Assistant and Hubitat as alternatives - however, Home Assistant is also a commercial product and requires updates. If they stop updating it, for any reason, then you're just going to leave yourself open to cybersecurity issues.
The idea of having IoT hardware sitting around without receiving software updates is now a myth. These devices all need a constant revenue stream, of some kind, to support the people writing security patches. Because open-source developers tend to not do that, as it is boring work that you need to pay people to do - yet, many places are now either already passing or looking to pass laws to make said patches required, to try to combat rampant cybersecurity breaches.
Welcome to the new age of disposable technology, brought to you by your friendly neighbourhood ransomware operator.
Bing is near useless as a search engine. I feel bad for you if you think it is returning better results than Google.
[Insert old man shouting at cloud image]
I don't care what they are called. The simple fact is that when people meet nowadays, they don't even exchange phone numbers. They exchange Insta and TikTok handles.
You can shout at the sky all you want, your opinions aren't relevant frankly.
Gen Z and Gen A in the US increasingly don't use SMS for messaging. They have caught up with the rest of the world and use WhatsApp, TikTok, Instagram, and other applications.
As they do this, their dependency on iMessage wanes dramatically. When you keep in touch with your friends all via Instagram and TikTok there is no reason to be bound to iPhone anymore.
Having reddit elevated in Google searches is generally helpful.
Having the cesspool that is Quora elevated helps noone.
One of my favorite Chrome extensions is the one I have that automatically strips Quora from all google results.
American Express customers have gotten targeted offers in their app for years now.
I for one, love them. They have paid for my card annual fee in many situations.
Regardless, I don't recall that being a Slashdot headline.
American Express customers have gotten targeted offers in their app for years now.
I for one, love them. They have paid for my card annual fee in many situations.
Regardless, I don't recall that being a Slashdot headline. Not sure why this is news for needs.
Meanwhile, Microsoft is the world's largest cybersecurity vendor.
Microsoft currently earns $20B / year in cybersecurity revenue, more than any other standalone security company.
Ironically, they also build the products that people are paying them to secure.
There is absolutely no reason that so many TOTP Two factor apps - that all do the exact same thing - need to exist. It just creates confusion in an already confusing area.
There was an interesting paper recently that looked at first time contributors to open source projects. They found that their first few patches are way more likely to introduce vulnerabilities when the code base is in C++ compared to Rust. The difference gets smaller the longer the contributor is around but never vanishes.
Maybe the devs are not bad, maybe it's you setting them up for failure?
https://cypherpunks.ca/~iang/p...
Quote from the conclusion ofnthenpaper:
> Namely, while it may still be true that Rust may feel like a more difficult language to learn, in at least some ways, new contributors actually benefit from its adoption, with their first contributions being less than 2% as likely to introduce vulnerabilities as C++,
So you avoid RAII since I gives a false sense of security? It also removes a class of bugs you can have without it.
> If the compiler barks you should be really careful about that unsafe block over there because memory but hey this block over here which results in melted steel when not done in the correct sequence is not marked for safety by the language and therefore does not deserve attention according to the language, what is the implication from a psychology perspective?
It absolutely would bark at "this melts metal when done wrong". Any sane rust dev would make that a unsafe function, so you would need to call that in an unsafe block.
What this country needs is a good five dollar plasma weapon.