You won't "plunge into the void". You need to alter your thinking.
If you think you are an atheist and not scared of death, IMO you are not a real atheist because you still have some kind of notion of something after.
The primal roots of suicide are buried in religion and thoughts of an after-life. The sooner people wake up to that fact and seek to correct it, the better.
The whole notion of "something better than this" or "anything is better than this" assumes there is a "thing". There isn't. There is nothing. And nothing is not an "escape", it is nothing. Period.
If people did not feel there was somewhere or something better to escape to, they would not be offing themselves.
The Windows interface is a GUI, not an operating system. Microsoft wants to limit your applications to those that use the Win32 API to sort of simulate the "Windows is the OS" look and feel, but that's not really what's going on.
The Android interface is a runtime, not an operating system. Google wants to limit your applications to those that use the ART runtime to sort of simulate the "Android is the OS" look and feel, but that's not really what's going on.
The GNU stack is userspace, not an operating system. GNU wants to limit your applications to those that use the glib API, but that's not really what's going on.
The problem with your statement is you make the assertion that Bing no longer sucks, which is false. Bing is still horrible.
FIPS level 3 has nothing to do with software, that is the level which requires safeguards against physical tampering - tamper-evident seals etc. Again, nothing to do with the actual operation of the software. Level 4 takes Level 3 up a notch requiring even more hardening around "the module"... but AGAIN, nothing about how your software actually USES the module. Such a thing is totally outside the scope of FIPS.
FIPS is an outdated standard. It made sense when it was created and crypto was not well understood and poorly standardized. Today it adds little value because almost all software on earth uses standard crypto libraries.
Don't even get me started on PCI, which isn't even worth the paper it is written on.
Detecting the position of jamming sources is not as easy as it is in the movies.
And if you are trying to commit grand theft, I don't think you are worried about the FCC.
Company spends $10,000 on delivery drone. Company dispatches done on it's first delivery run. Rogue actor uses $100 worth of equipment to jam all transmissions to/from the drone, removes power source, and steals it. Company is now out $10,000.
Because they are unmanned, drones are simply far too easy to lose and far too easy to steal. They are impractical.
*sigh*
YES, there is a specification for it.
NO, it is NOT mandatory for an EMV card to have contactless payment.
To imply as such is misleading.
MANY EMV cards do not have contactless payment, it is up to the issuing bank if they want to do that.
It is a total joke.
FIPS 140-2 ensures your algorithm is part of a standard set - big deal. It does no investigation at all as to how you use that algorithm or why you use it. If you are using AES with a FIPS-certified library, you get the checkbox. Nevermind the fact that the private key you are using is sitting in plain text on the disk.
Its the same as all federal standards - FedRAMP, FIPS, FISMA, ISO 27K. They all do *SOME* things, but none of these standards, or any intersection of them, actually do anything with regards to real secure engineering. Note, I am not even sure it would be close to practical to do this. I am just raising awareness that saying that an application is "FIPS certified" is next to useless.
Source: I have dealt with getting applications certified in all of these umbrellas, and more. It is an extremely time consuming and expensive process for all involved to get certified - but in the end does very little in terms of real application security. But it sure makes the auditors a lot of money!
FIPS is a joke and doesn't really do much of anything to ensure real security. Its just a compliance checkbox. An appliance running a piece of software can be 100% insecure from the ground up and be FIPS certified quite easily.
While it is common for your card issuer to bundle them, EMV has nothing at all to do with RFID cards. Many EMV cards have no RFID chip at all.
EMV == "Chip and PIN". There is a private crypto key on the chip on the card and a two-way live handshake done at the terminal, and you must enter a PIN. No signature is used.
RFID == MasterCard PayPass and Visa PayWave. Again there is a private key on the card but there is no PIN used to guard it. Transactions done by RFID are normally limited to $50.
The fact that Swift *only* targets iOS and OSX makes it a non starter for most companies. Companies are not in the game of building an app twice from the ground up. Cross platform frameworks for apps and games are ESSENTIAL - even if the app has a different skin between iOS and Android, the internals all need to be cross-platform. Otherwise you are spending 2x the cost for none of the benefit.
FWIW, this is also why this survey is incredibly flawed. The vast majority of iOS and OSX apps are not open source so stats from Github are totally irrelevant as to what trends are actually occurring in industry.
Donate
Donate
DONATE
If everyone who posted a reply to this story donated to the EFF with their dollars in addition to their words, that would be pretty substantial in aggregate, and they could do some real work with those funds.
Donate to the EFF. They have been fighting this fight for as long as I have been alive and are one of the only groups to has maintained the fight. While I have donated to them on and off over the years, I have been lax for quite awhile. I just donated to them and challenge everyone else to do the same.
PS: And, this comes from someone not in the USA who DOES NOT get a tax break from his donation since they are not registered in my country, but who recognizes the global impact of the EFF.
Unless you can give me all of Apache.org in Pascal I am not interested because it ewill mean lower quality applications that take 10x as long to develop because you will have to reinvent the wheel.... again and again and again.
If you are in management, then I imagine you agree with my post.
"Don't drop acid, take it pass-fail!" -- Bryan Michael Wendt
