For the record, I wasn’t locked out of using any of my systems - only from using any of Apple’s online services. My Mac, iPad, and iPhone continued to work just fine and continued to allow me to run whatever applications I wanted.

Given that, you could apply your silly statement to every online service in the world, including here on /.

Yaz

It hit me right in the middle of a FaceTime call. Lost the call, was logged out of everything, and was then required to change my password. Wound up getting locked out, and had to use my wife’s iPhone to get an account unlock code from Apple. Changed password, and then had to go through all my devices to update the password to get back in.

Didn’t take up as lot of time, but really wasn’t something I wanted to have to deal with when it happened. But both my wife’s and my daughters Apple accounts were unaffected.

Yaz

Running the health systems is completely the purview of the Provinces. The major requirements of the Canada Health Act are mostly in terms of what services are offered (so that we don’t have a nationally fractured system where basic procedures aren’t universal).

Other than that, there is the health transfer from the Federal Government down to the Provinces — but the Provinces aren’t supposed to rely solely on that transfer to fund their health care systems. And that money typically doesn’t come with any strings attached (other than it be used for healthcare).

Crumbling systems are entirely the fault of the Provinces. The licensing of Doctors happens at the Provincial level (albeit by the various Provincial colleges), training and education happens at the Provincial level, hiring of Doctors and Nurses happens at the Provincial level, and the construction of hospitals happens at the Provincial level. And those are the parts of the system that have been failing, and mostly because successive Conservative Provincial governments have been starving the system.

Yaz

The bulk of which aren’t due to the Federal government, as in Canada the provision of healthcare services is the domain of the Provinces.

It’s notable that two of the Provinces with the worst problems are led by Conservative Premiers, who have been dismantling health care systems in their Province as a way to try to bring in more American-style private for-profit healthcare.

Yaz

Being "first to market" doesn't indicate something is unsafe or untested. Research into mRNA has been ongoing since the 1960s, and the first mRNA human vaccine trials started in 2001, with the first human clinical trials for a rabies mRNA vaccine starting in 2013.

In this case, "being first to market" is misleading, as mRNA vaccines already had 20 years of human testing by the time the first COVID-19 mRNA vaccines were approved.

Yaz

Hyundai’s keyfob does the same — but if you’ve parked at a mall (as one example) and are walking around with the keyfob in your pocket, the relay attack will work just fine (unless you’ve put the keyfob into a faraday pouch).

The motion sensor kill switch is great for when you’re at home and your key is in a drawer, but not otherwise.

Yaz

HOTP (and TOTP) wouldn’t help in this case, as it’s not that the authentication is being broken. The problem is that in allowing proximity alone to activate the authentication, you can create a simple RF bridge to fake the proximity portion. You don’t even need to parse the RF signal or bring it back into the digital domain — at their most basic, these devices aren’t snooping the authentication, nor doing a MITM attack — they just boost the signal from the keyfob, and relay signals from the car back to the fob, allowing the fob to authenticate even when it’s distant from the car.

The most mathematically perfect authentication in the world isn’t going to fix that. By allowing the convenience of allowing the car to unlock when the keyfob is apparently “near”, just by boosting the signal between fob and car when they’re not proximate allows those two devices to perform a normal authentication — and the device in the middle doesn’t even need to know how the authentication works, nor parse (nor try to hack/fake) the data being relayed. Better authentication doesn’t fix that — it’s an issue of the protocol making assumptions of proximity that are easily faked via basic signal boosting.

Hey, kinda like your post!

Yaz

The problem here is that the “real” key fob is still the one in this attack doing the authentication, so it will still work regardless.

The problem is that this authentication happens automatically based on proximity — and the attack fakes the proximity, and not the authentication. The authentication here is still real, and doesn’t need to be faked — they’re not doing a MITM attack, just providing a bridge such that the car thinks the fob is nearby, at which point they authenticate as expected.

Your proposed solution doesn’t fix this problem, as it’s not an authentication problem in the first place. The attackers aren’t faking the authentication, nor are they even providing it — they just provide an RF bridge to boost the signals such that the car and key think they are in proximity, at which point the car and key authenticate and unlock the vehicle.

Hyundai does at least have an automatic power-kill switch built into their fobs when they’re at rest; however I don’t know if this is in use in the UK (where it appears the majority of attacks of this sort against the IONIQ 5 are made).

Yaz

It is my understanding (as an IONIQ 5 owner) that Hyundai already has a partial solution in that once the fob is still for a few seconds, it effectively shuts itself off completely (and powers back up when it detects motion again).

This is great for a situation where you’re at home and your key is in a drawer, but isn’t as ideal in a situation where you’ve parked away from home and are walking around within relay distance with the key in your pocket — in which case it will remain powered on and can be relayed.

Yaz

Science makes no such claim. Indeed, science has yet to fully encapsulate what it means to be “alive” in the first place.

So stop claiming that science says what you want it to say, just because that’s the result you desire. That in and of itself is not science.

Yaz

Nope - didn’t forget; as you pointed out MS gave up on Xenix in the late 80’s, and I specifically stated (as you quoted) “UNIX wasn’t even on Microsoft’s radar in the 90’s”.

MS did some stuff with UNIX in the 70s and 80s, but by the 90s they were all in on DOS/Windows and Windows NT, with a bit of Mac OS (before it was UNIX based).

Yaz

Strong disagree. While creative types have long favoured Mac, most hard-core developers and power users eschewed it for other platforms — until around 2003/2004, when OS X became mature enough and developers with UNIX-style toolchains moved over in droves.

Go back to relevant /. stories around that timeframe, and you’ll see how common it suddenly become to go to conferences and see 80%+ of developer laptops being PowerBooks (and later MacBook Pro’s). That was virtually unheard of just a year prior — and a lot of devs still prefer it to Windows, because most UNIX-style commands and toolchains “just work”.

Yaz

it was about beating OS/2.

Most of the other UNIX’s weren’t designed to run on 80x86 platforms, so they were never in any real contention with Microsoft. AIX, HPUX, Solaris, Dynix (which was Intel based but had a special architecture separate from PCs) — none of these were in the same market as Windows.

No, Microsoft’s target was OS/2 — which had a bigger resource footprint, but was also a vastly superior OS, with real pre-emptive multitasking, a (by 90’s standards) modern high performance file system, the ability to pre-emptively multitask Windows 3.x and DOS apps well before Windows 95, and a superiors desktop environment (a modern Workplace Shell would still absolutely slay). It was here that Microsoft introduced Win32s and kept changing it every few weeks to break OS/2 compatibility for newer Windows apps. It was here that the per-processor agreements were put into place with systems manufacturers to make selling OS/2 on systems more expensive (for those too young to know, in these agreements the manufacturer paid and charged for a Windows license with every system sold — even if it didn’t come with Windows. So if you wanted an OS/2 system you were paying for both OS/2 and a Windows license you didn’t actually get).

UNIX wasn’t even on Microsoft’s radar in the 90’s — it just wasn’t a PC operating system, and was mostly targeted to systems that didn’t compete with Microsoft. If you wanted a UNIX system, you had to buy your hardware from your OS vendor (much like with macOS today) — virtually nobody (except some of the early cool kids running Linux and *BSD) was buying white-box Intel systems and running UNIX — the numbers were too small for Microsoft to care. OS/2 was their real target — and in the end, it worked.

Yaz

That just points to how far behind the US is in decarbonizing its electrical infrastructure. That’s not really a knock on EVs.

Here in Canada, ~80% of our electricity is from hydroelectric sources, and ~90% is from non-carbon emitting sources (hydro, solar, wind, nuclear).

The good thing about running an EV in a jurisdiction which still uses CO2 emitting fuels for electrical generation is that you can knock down the CO2 emissions by just replacing the power plant, and not both the power plant and the vehicles. The EV effectively gets the upgrade “for free”.

Yaz

This goes back a very long way, but back when I was publishing The Sound Blaster Digest (early 90’s) I eventually started publishing using Windows Write on Windows 3.1 specifically because of OLE — I could package an “e-zine” with audio, graphics, fonts, and better formatting than the hand-formatted ASCII I was previously using. I continued with the ASCII format as well every month (which was a good deal of work) and released in both formats, but the Write version (being published at a time when HTML wasn’t accessible to the regular user) was always very popular for that reason. Embedding the media straight in a document every Windows user could use felt groundbreaking at the time.

Yaz