Comment Re:Not a bad idea but... (Score 2) 725
Metric won't happen without a really big stick. Fuel pumps would probably change in less than 24 hours if there was a 1% tax on sales measured in gallons.
Metric won't happen without a really big stick. Fuel pumps would probably change in less than 24 hours if there was a 1% tax on sales measured in gallons.
There appears to be more privacy issues beyond monitoring in the phone. My Smartphone (GT-I9100 v.2.3.4) won't allow access to https://www.google.com./ It also doesn't allow the addition of private certificate authorities or the removal of bad ones. To make matters worse, it won't display the fingerprint of a certificate. So the only option is to accept, on faith, the issuer name displayed. It seems obvious that the handset makers don't care about privacy or potential harm to customers.
How about an app that beeps and turns the display red if encryption, as feeble as it is, gets turned off.
A big improvement would be to require e-commerce servers to protect their private key in a hardware accelerator that won't give up the key. This would protect the certificate if the server is compromised. Someone might be able to use the accelerator, via some type of proxy hack, but the certificate would be safe after a compromised server is reloaded.
Maybe the "scam" factor could be reduced if the certificates were signed by two or more entities in different jurisdctions.
I have two questions: Did someone required them to keep the initial values and why wasn't the system designed so that the customer was required to initialize the tokens?
The messages need to be digitally signed or we are going to get spam claiming to be from the president. It also needs to be better designed than weather radios. For example, I can turn off thunderstorm watch alerts but not tornado watch alerts. I might understand requiring warnings but not watches. It cries wolf, in the middle of hot muggy nights, so often it gets turned off.
I was thinking about troubles with evacuation from some place like the Florida Keys with a long highway. All lanes are switched to North so it would be difficult to get extra batteries. Even a seasonal thing like lots of people going South for Spring break would cause inventory problems.
It's probably hard to compete with the cost of piping fuel to storage tanks near distribution centers vs. the investment in battery packs.
I sure hope we can get charging stations everywhere. I'm not very hopeful since utilities are slow at upgrading major transmission lines no less what would be needed for fast charging in homes. I think we are on the edge of major problems without EVs. During hot weather I see 105 V and last night I saw 130 V. The regulation won't get better without lots of investment. We probably need rules that require higher power capacity for new construction (fiber too).
Switching batteries will be a big fail the first time there is a large hurricane evacuation.
At a minimum I would request that the box be placed on a separate VLAN that has no other access to the LAN. Internal access should go through the firewall rules like you would for an external server with all the appropriate logs and auditing. I would also transfer ownership by giving them the hardware.
I think real question is why doesn't the customer initialize the token. There are lots of interface options to initialize a small token: I2C, USB, even IR.
These systems are nothing but trouble if you find yourself on a road without booths and you are in a rental car. You either pay a high daily rate plus usage, to get a car with a transponder, or you really get zapped if they forward a bill a month later
One man's constant is another man's variable. -- A.J. Perlis