Is open hardware really that big a problem? It's not like opening a Fab is cheap.
The hardware behind Apertus is actually Elphel. They make "open source" cameras based on existing chips. The video codec is performed by an FPGA (loaded with GPL-licensed firmware made by Elphel).
Here is more about the hardware.
Additionally, Silverlight is plain broke in some aspects that make it less useful for developers, not just users.
This week I learned Silverlight on IE8 (remember, that's its same-vendor browser), after receiving cookies from a webserver, completely fails to include those cookies in an HTTP POST request. What... the... <expletitive>?
However, I figured out through trial and error, that you can actually double back on buttons you've activated and activate buttons that are non-adjacent to active ones by drawing in the blank space in between buttons. This should be a criteria for a strong graphical pattern lock
I also noticed this, shortly after I got the idea to use an unlock pattern. Once you noticed those two aspects (ability to draw between buttons, and harmlessly slide over already-activated buttons), the permutations multiply.
With those in mind, here is how unique a randomized unlock pattern can be:
4 dots = 1624 permutations (as weak as a 3 number password!)
5 dots = 7152 permutations (much better, but not by far)
6 dots = 26016 permutations (at least as strong as a 4-digit bank card PIN)
7 dots = 140704 permutations (about as strong as a 5-digit bank card PIN)
As a bonus, choosing more dots reduces the ability for a smudge attack to succeed. But only if you choose a pseudo-random one. Don't kid yourself, one that you come up on your own is biased in favor of a like-minded (i.e. homo sapien) attacker.
To help, here's a quick bit of shell code to easily generate a strong unlock code for an Android phone. It numbers the dots like a telephone: top-left button is 1, top-middle is 2, top-right is 3,
rand -N 9 -M 9 -u | perl -ane '%seen=();%bad=qw(13 2 17 4 19 5 28 5 31 2 37 5 39 6 46 5 64 5 71 4 73 5 79 8 82 5 91 5 93 6 97 8);$last=0;print map {$next=$_+1;$combo=$last.$next;if ($bad{$combo} and not $seen{$bad{$combo}}) {()} else {$seen{$next}=1;$last=$next;$next,"\n"}} @F'
This is just grandstanding by a politician running for office. Neither Amazon nor Apple are headquartered in Connecticut, which makes the appropriate action for this state AG to make a filing to the FTC.
Except, of course, filing with the FTC just doesn't sound as exciting to voters.
If you never get a credit card or loan of any type, you will not have a credit history. This will be very bad later, when you need to apply for credit or a loan, you will be denied, or require a cosigner, and pay a much higher interest rate..
Bullshit. I bought a house without a credit history, without a cosigner, with lower interest rate than anyone else I know. I merely had to prove my identity, my steady income, my steady bill-paying history, and have a 20% down payment documented in a bank account.
While my loan broker had a smaller choice of banks to choose from, the ones available were falling over themselves to offer me a 15-year loan. (This is no fault of the banks, but a no-credit 30 year loan according to Fannie Mae's post-bubble rules would've been unfeasible. I didn't want a 30-year anyways.)
today is privacy Sunday, eh guys?
It's DefCon weekend.
What law did he break? What was he accused of? Why was he detained? What right do they have to ask such questions?
Welcome to law enforcement procedures. Of course you're allowed to have an opinion. But, say, your legally allowable opinion on your neighbor's yard maintenance might be a motive for why your neighbor is dead, for example. And 12 hour interviews are completely allowed. You just need to know your rights and how to use them; for instance, explicitly saying you invoke your right to remain silent until you have a lawyer present.
Now, is it reasonable for the FBI to suspect Jacob Appelbaum is involved in the wikileak and put him in the box for 3 hours? THAT's another question...
There, fixed it for you.
No, I'm not kidding. Remember brewing is the alcohol-creation step before distillation.
The fact that this is freeze-distilled still makes it beer: unlike normal (boiling) distillation, you keep the wash, not the distillate. (How they avoid making it taste like ass is another question.)
And sometimes, it's about Politics in Health.
China isn't the first nation to grapple with HIV in blood transfusions. The United States' blood transfusion industry lobbied in the 1980s to suppress the issue over concerns about their reputation and revenue, and succeeded to some degree.
In this case, China's communist government is probably being lobbied, too -- and as an easily corrupted system with great powers, we see instances like this.
Fortunately, there are also top-level politicians trying to turn it it around.
Certificates don't ensure you're talking to anyone in particular, other than someone who has managed to get their hands on the certificate, which, based on prevalance of rooting and etc., could be quite a range of people.
Certificates are public information. Oh, did you really mean, private key?
Certs reliably encrypt traffic between the two endpoints. That's the entire usefulness to the two endusers.
Nope. Bulk ciphers are what encrypt traffic between two endpoints. Did you really mean certs provide key exchange?
HOWEVER: An entire deceptive financial ecosystem was created when the browser manufacturers put those "scare the heck out of the user" dialogs in there; that meant that ecommerce types *HAD* to get certs that would not raise those warnings -- meaning, buying a bag of bits from someone else, a bag you could have made yourself for free, for all the good it would do you, instead purchased for $50 (or many more) dollars.
It's all based upon one key falsehood: The idea that a cert "assures" you that you're talking to someone in particular.
Wow, you like, have no idea what root trust provides, do you? If your private key is secured properly, it provides reasonable proof that the entity at the server end is related to the domain owner.
Yup, there's problems with the human-level implementation. Like, oh, govenments "leaning" on CAs to provide them with an intermediate certficate. Or, yes, private key security.
You're paranoid about (and it's possibly Proper Paranoia®) that any site may have weak private key security, especially against, erm, "hackers". Fine, the mom'n'pop websites should probably leave their SSL handling to a professional webhost since they're just as like have bungled the security if they did it on their own. Generally, though, you can reasonably trust private key security with organizations that are likely to have professional network security staff.
I'm well assured every time someone in my organization (a network appliance manufacturer) needs to help a customer with an SSL/TLS related issue and the customer meticulously coughs up all the information needed except the private key.
Since when did Slashdot turn into a competitor of CNN and Fox News?
May 26th will now be known as "Face-Palm Day".
Or "May Fool's Day".
Just one day after Towel Day, too.
The rule on staying alive as a program manager is to give 'em a number or give 'em a date, but never give 'em both at once.
