
Comment Re:Masquerade (Score 4, Insightful) 234

My favorite is trying to enter 15 character randomized passwords into a "force mask" field.

My favourite is entering a 24 character randomised password into websites/software where the retarded morons designing it felt they knew better than me and blocked/intercepted paste. Or, almost as bad, websites/software that relies on keypress events to cause their processing to do something with my password. ReviewBoard does this with its comments fields - if I paste from a pre-prepared note it is unaware that I've edited the comment field.

The algorithm always seems to pick confusing characters like `'|][;: I often have no idea if I'm even attempting to enter the correct password, let alone if all the rando miscreant characters were entered as intended.

If you use KeePass you can configure it to not use so many confusing characters. Sometimes you run into places where the moron designer thought that only alphanumeric characters make valid password characters.

Comment Re:Shouldn't the title read.... (Score 3, Interesting) 191

No, that's exactly what it is.

No, it's intentional, premeditated unauthorized use of a computer or computing device. You can bet the farm that nobody authorized Burger King to assume control of their Google device and cause it to access the Internet. That it was in the form of a broadcast advertisement for a large corporation doesn't make it any less heinous to my mind.

That risk already exists, is absurdly obvious, and has been made VERY clear on both tech forums and mainstream media. Anyone with ANY clue about phone security, and this includes people who lock their phone, has already disabled the voice feature so it isn't an issue for them.

Anyone with any clue about security already avoids these things. Many with no clue about security are buying them up for the shiny factor. It is scary because the sort of people who don't have a clue are the sort of people buying them. Even people who care about security are buying and using voice activated devices.

It's about as scary as the thought that if you leave your house front door open someone could just walk in.

The average person understands that risk quite well. They might not assess its severity correctly, but they understand it. The average person does not understand the risk of these smart devices, and they remain wilfully ignorant when more knowledgeable individuals try to educate them. Now we have a set of devices that can potentially be turned into a bot net en masse just by a radio or tv broadcast and the usual owner of such a device doesn't have a clue that it's even possible. Hell, they could take all the right precautions (firewall, apply updates, isolated segments, etc) and still be had. This (https://arstechnica.com/security/2017/03/smart-tv-hack-embeds-attack-code-into-broadcast-signal-no-access-required/) kind of attack springs to mind.

It's scary because Burger King will probably get away with this, paving the way for other corporates to try on the same shit.

It's scary because "OK Google" isn't necessarily the only trigger word. The attacker only needs to convince the trigger algorithm. If they discover a sound or sounds that are innocuous but trigger it then they can trigger devices without being obvious about it.

It's scary because these devices have reached a critical mass large enough that a corporation took notice and exploited them.

Comment Shouldn't the title read.... (Score 4, Insightful) 191

... "Malicious attackers in Burger King's advertising department use vulnerability in Google Home to make it do stuff its owner didn't request".

It's a bit rich to call it an ad and chuckle about it.

It's a lot scary that it's possible for a remote attacker to ask these devices en masse to do something with nothing more than a broadcast ad. For now it was reading a Wikipedia page. What happens when scumvertisers and other malicious adversaries figure out a way to make it spend money without your consent? Or to report to them that you have heard the ad, or worse.

Comment Re:I'd look at mobile phone online stores... (Score 1) 246

An Australian option is TPG. $1/mo and just pay for what you use. SMS isn't too bad at 10c/each, but data is a bit on the pricey side.

Exetel has some reasonably cheap monthly pre-paid packages http://www.exetel.com.au/residential-mobile-cap-plans.php#super_plans

Kogan prepaid sits atop Telstra's network (best 3G speeds/coverage) and is excellent value http://www.kogan.com/au/mobile.

Most carriers offer a pre-paid option that expires monthly and include some number of "free" SMS. You can even get unlimited SMS on some. If you don't buy a pre-paid package with a bundled phone there is no commitment term. If you take a phone they usually hit you up for some number of recharges before they'll give you the unlock codes. Go SIM-only to avoid that.

Comment Re:It would be fair... (Score 1) 475

It is a matter that should be covered under contract law, not criminal law.

Why? Then the carrier would need to spend /their/ hard^Weasily earned money on lawyers. This way they can spend your hard earned tax dollars having the public prosecutor spanking you instead.

Even better... it's the law, so the carrier isn't seen to be doing anything particularly petty. They're not upholding the law - the police are.

Comment Re:It would be fair... (Score 5, Interesting) 475

I agree - they should be able to sue you in a civil court - like any other company would do if you break any other contract! Not sure why this is a special case.

Why should they? There are many reasons to unlock your phone that don't amount to exiting your contract early.

ie. I travel overseas and like to purchase a local SIM to avoid enormous roaming charges. I still pay my monthly fee and I don't end up using my included minutes on my plan.

ie. I occasionally like to have a different number for dealing with some people (recruiters, companies who I know will sell off my details to every bidder, etc). I can just pop in a second SIM (perhaps on the same carrier, perhaps not, depending on who has the best pre-paid offer this week). I can call them, give them 'my' number and when my business is concluded I can destroy the other SIM and never have to worry about their tele-spam again. No, I don't want (or need) a whole second phone to do that; the GSM spec allows it with interchangeable SIMs.

In either case I am not carrier jumping. I am maintaining my monthly plan in good order, and most of the time making the majority of my calls via that plan.

The reason carriers want the phones locked is not because you pay your monthly bill. It's because they want you to use up all of your included 'value' (I don't know how I get $750 of 'value' each month but only pay $49, but that's a deceptive practices discussion for another day). They want you locked in when you've used up your included value. If you can't switch out the SIM for one that isn't in the penalty range they have you by the love spuds! That's what they want!

Comment Re:iPad works ok (Score 1) 417

My mum is barely computer literate. She can click the 'start' menu and find "Word" or "The Internet" or "Email" (as the programs are named) because she's been taught that.

I got tired of having to go around there and remove all the crapware from her Windows machine (and she wasn't even administrator on it). It turns out that being barely computer literate means she never bothers to remember the basic don't download and run every random piece of crap from the Internet talks we have. Typical "I just want to do this thing I want to do, and I don't care what you told me" mentality of a lot of naive computer users.

I set her up a Linux desktop machine with Xubuntu. It's connected to my VPN so I can manage it remotely. Being Linux there's practically zero malware. Not being Windows means she can't download and run a whole bunch of crapware that gets peddled by every piece of shit website she visits. Being foreign means she is less reluctant to pick up the phone and ask for help rather than going to Google and then downloading a bunch of crapware. She's yet to find something that she needs to do that she can't achieve on Linux (except install random crapware) with a little help (usually installing the occasional piece of software for her).

Conceded, the situation has improved with Windows 7 - non administrator users are really far less likely to be able to install crapware - but it's not perfect.

Now, your average tablet isn't locked down at all, and usually can't easily be. That means that your computer illiterate user will be able to go to the app store and install whatever piece of shit apps look like they might fill some need (or allow frivolous time wasting). Being computer illiterate, they never check the required permissions for apps. Even if they could be trained to check, would they really understand what they were seeing and ask the right questions? (why should Angry Birds need access to my phone book, SMS messages, email, local storage, network, calendar, etc). Tablets are great. The granular security provided by Android and Win8 (I can't speak for iCrap because I haven't used it for ages, and back then it wasn't granular or listed) is very good, but in the hands of someone who doesn't think about security it may as well just allow everything always because most users will just click the "get the fuck out of my way and install the fucking app already" button, regardless of what they see.

Comment Re:Preservation has it's downside (Score 1) 440

And then you realize that if they did do this and the bread was terrible tasting that nobody would stand for it and fork off to another store that isn't awful tasting.

Have you been to a certain mass-market burger chain lately? It tastes like greasy crap. The one here is the least tasty burger offering around where I live (because there's a couple of pubs, a handful of little restaurants and a burger truck, all selling delightful burgers), but they're also the cheapest, fastest and have the largest profit margin to afford mass advertising.

People are (for the most part) cheap and stupid. Consequently the mass-market junk shop does the most trade even though a far superior product exists right next door for only a couple of dollars more.

Comment Re:Virtualbox (Score 1) 361

I used to prefer VirtualBox, but it's become quite for me lately. The Linux version occasionally brought down my machine and the Windows version would cause BSODs more than daily.

I switched to VMWare player and I haven't had any issues. The only thing I miss in the free VMWare offering is it's nowhere near as easy/powerful to script things.

Comment Re:Don't complain about crime then (Score 1) 254

I've been in two not-at-fault bingles (rear-ended while stopped at lights both times), and each time all I needed to give my insurance company was the rego of the other car and the driver's name. Conceded it made it easier having their full details, but I have never been asked who insures the other party.

A little helpful hint - if your insurer is good, and you get choice of repairer then you should make the claim through your insurer even if not at fault. It shouldn't have any effect on your premiums because the insurance companies will sort that out between themselves. If the other party has a no-choice policy and you let them claim it then you may wind up stuck with whatever (possibly crappy) repairer their insurance sends you to, as happened to a friend of mine recently with very poor results.
