Amazon.com provides public services over the Internet by design. It would be pointless for them not to, as the whole point of the company existing is to do so.
A car's purpose is to move its occupants from point A to point B. It has zero need to provide any public Internet services, so why the hell does it need to be publicly accessible over the Internet?
While I wouldn't say Rook Security is a household name, I know I've heard of them before. ( Although I admit, I can't think of where, and I don't exactly know anything about them. It could very well turn out that you're right.)
That's a fucking idiotic analogy.
A real car analogy is you buy a car that has a tracking device in it, but later decide you don't want the tracking. You have the car maker disable the radio, only to find that they are still tracking you. For some reason, probably because you are an idiot, you are pissed off about this.
FTFY.
Just tried it. Your exact quote, copied and pasted. Worked fine. Gave me a bunch of listings from the correct site. Even HTTPS, too.
Okay, I'm a software developer and I see where the usability problem is. The problem is that the program didn't make it clear that the backup was a system option and not a local option.
How do you know this? This sound like an "I'm an idiot and do things I don't understand! Why didn't you protect me from myself?!" kind of question. If the user had been even moderately intelligent about this stuff, then they should have known why it did what it did, and added that into the summary. They didn't, and made it quite clear that they think this is Google trying to steal their photos, rather than themselves making a mistake with their settings.
It could have been a 40 point font warning that required the entire thing to be read before dismissing, and a lot of users would still not remember seeing it. I hardly think that because the user didn't realize what was going on, that it makes this a usability problem.
A voice controlled smart TV switched on with no picture because the satellite/cable box is off is both non-obvious, and a privacy issue.
Is this the fault of the manufacturer of the TV, because they didn't put up a huge "NO SIGNAL, BUT YOUR TV IS STILL ON, IDIOT!!!1!!!1" banner on the display when there's no signal detected?
Or is it the idiot user's fault because they didn't turn off the fscking TV?
But the program isn't doing something. You said that yourself. Some other program, which hasn't been uninstalled, is doing something. Of course it's going to continue to do that thing after you uninstall some other program on the device.
It's not multiple engines. That's the stupidest analogy I've ever heard.
It's more like this:
You have a car. Your speedometer says you're doing 60 in a 50 zone, so in order to prevent yourself from getting a speeding ticket, you remove the speedometer from the car. Then, you're both surprised it still moves, and surprised that you get a speeding ticket for doing 60 in a 50 zone, when your speedometer obviously didn't say you were doing that, so you couldn't possibly have been speeding.
Your speedometer isn't making the car move, and Google Photos isn't doing the backup. Google Photos is an app that runs only when you run it. If you set Google Sync to backup your photos, don't be surprised when it backs up your photos.
Just out of curiosity, what do you think the proper homonym phrase is for this?
You do realize Assange and Snowden are two different people, right?
So... for the first production run, the vendor decrypted the data, then emailed it back to the entire project team to see if it was right. This was names,family members/relationships, addresses and SSNs for about ten thousand people.
One of my clients is a medical practice. They've got an internal, non-cloud practice management database, which is stored on a computer right in the office. They got an upgrade from the provider, as part of their service contract, which had a slightly different database format, which for some reason, the provider hadn't written the program to upgrade by itself; it had to be run through an upgrade process at the provider's location.
So, the provider's tech connects up using GoToMyPC, or something similar, goes into the program, exports the data, zips it up....
I should have been paying more attention, as it was almost finished the transfer, when I looked and realized he was using plain FTP. I asked him if the zip file was password protected, and he kind of hummed and hawed, before saying no. So, I tore a strip of him over the phone, and said if they ever did anything so stupid again, they'd get sued. Since they're not actually a cloud provider, with some indemnity terms in a contract, this seemed to hit home to him. At least the transfer back of the updated data was done over an encrypted connection.
But this is exactly it. The third party provider doesn't give a shit, as it's not their data. Even this company I dealt with, that deals _only_ in medical software, and knows the regulations regarding protection of related data, as they bake lots of password protections and such into the software itself, didn't give a crap when dealing with the actual data themselves.
Cloud providers are in the business of making money for cloud providers, while minimizing expenses in all areas. They are not in the business of securing your data, unless they can charge you extra for it. They are not in the business of ensuring your particular business succeeds. They are in the business of extracting money from you; that's all.
Of course it's important. Jack Thompson (of anti-Grand Theft Auto fame) is perpetually trying to prevent people from playing video games. As it's now known that playing video games improves your preparedness for terror attacks, logically, it means that preventing people from playing video games reduces their preparedness for terror attacks. This is what Jack Thompson is doing, therefore, he's supporting terrorists.
Throw the fucker in Guantanamo.
(Of course, I'm kidding, but this is the only possible positive I could really get out of this. Otherwise, my sibling posters are right. It's just "Oooohh...be scaaarrred! Evil Al Shabib is coming to get you!!!!"
Certainly funny. However, I can say I've never had it happen to me. Of course, I'm not in the US, so I don't have to deal with the right wing extremes that even the left wing of your society subscribes to.
Usually I wait a couple of minutes on hold, then get somebody on a much clearer line, with a completely different voice and accent, who actually knows what they're talking about, so I know it's a different person.
Of course in the REAL WORLD you have to put up with the crap along with all the others
No. The real code word is a phrase:
"Give me second level support."
Usually it goes something like this:
Support: "Hello, this is Ranjit/Deepak/Rakesh/George Washington at tech support. Can I get your name/account number please."
Me: "Yes, my account is 12345. Can I get second level support, please?"
Support: "Do you have a ticket or reference number?"
Me: "No, but I'm a network engineer/software developer/I.T. professional, and I know everything you're going to ask me to try, I've already done. So, rather than waste both your time and mine, it'll be a lot easier if you just put me through to second level."
Support: "Ok, I can do that. Hold please."
Of course, be polite, and don't have a tone of voice that states you think the person you're talking to is an idiot. Smile while you talk. It really does affect how you come across, even over the phone.
Only once, in however many dozen/hundreds of calls I've made to tech support, have I ever had this not work. The time it didn't, we went through the script, and at the end, this happened:
Support: "I'll transfer you to second level support."
Me: "So, if you'd just done as I asked in the first place, we both could have saved a bunch of time here, couldn't we?"
Support: "Yes, I guess we could. Next time I'll do that."
So, even the one time it didn't work, the first level support guy was educated that when somebody knows enough to ask for second level, they probably know enough to have done what the first level script says, too.
Yes, you can have more than one. But then you're not "doing multiple transactions securely in the future using that one time pad" which is what the original poster stated.
Now, as to using a single, long OTP to encrypt several shorter messages....Ok, I'll give you that it's a single OTP retrieval from the bank, however, as far as the encryption is concerned, it's a bunch of OTPs that just happen to reside within a single file. You also have to coordinate starting position within the file for every transaction using that OTP string.
Genetics explains why you look like your father, and if you don't, why you should.
