
Comment Re:Software testing ... what a novel concept (Score 1) 108

At least this article admits to a level of "programmer error". However --- like most "computer error" news articles, this one misses a key point: This (like many others) is actually management error. Management failed to oversee programmers. Management failed to implement test. Management failed.

Assuming the story on its face is true, the blame for failure to recover goes to the IT hierarchy responsible for managing the database. No data programming error should have the capability of causing unrecoverable data loss. It isn't so much that you guard against someone or something typing DELETE FROM ... as much as retaining the ability to restore the database to a transactionally consistent state immediately prior to execution. There is no excuse for failure to retain a chain of log backups.

Comment Re:Ah yes... (Score 1) 108

The good old "DELETE FROM records WHERE 1;.... FFFFFFFFFFFFFUUUUUU----" on the production system on a Friday afternoon...

Even then you would have to be a hack to not be able to recover a snapshot of the database prior to the incident from the redo log.

Properly managed capability to see database as it existed at any point in time is maintained throughout the useful life of the database with no exceptions.

Comment Re:NSA... (Score 1) 192

I think we all need to work together to get rid of this terrible, nasty, unpredictable hacker group -- for the sake of national and international security. They represent a clear and present danger to the future of this country.

I think time would be better spent improving systems, especially communication systems, to deny all adversaries the capability to "hack the planet".

Aggregating sources of trust like this is akin to piling gold bars on the street corner, holding a press conference announcing to the world their presence and being surprised when gold turns up missing next morning.

Comment Re:Stasi Tech? (Score 1) 130

Because voice processing and searching on the scale of some of the applications such as SIRI require centralized processing.

I don't buy it. These sentiments jumble a number of separable components.

I have a 10 year old device that was able to do local speech recognition, including arbitrary voice shortcuts and search, without training. I would tell it to play song x or anything from artist y and it would most of the time get it right and just do it, all offline and all on hardware at least an order of magnitude less capable than what is available today.

There are PC software packages such as Dragon and Sphinx able to do free-form speech to text locally.

You don't need "the cloud" to control a TV. Recognizing a short list of commands to control a device is relatively trivial. There is nothing wrong with searching online databases if that is explicitly necessary... What is wrong is the generation of bullshit excuses to collect usage data by virtue of voice enablement. People have never really given a shit about voice recognition enough to justify any serious R&D expenditure. Vendors push it because they want the revenue stream that goes with data collection.

Comment No words (Score 5, Insightful) 144

Preloading advertising spyware with a new computer while knowingly disabling all https and code signing security.

There is selfish, there is stupid, there is dumb and there is criminal batshit insanity.

Having been a fan of Lenovo for years I sincerely hope they are sued into oblivion and face criminal prosecution. No need wasting your time wondering if I will ever buy anything from them again.

Comment Goodbye Razor of Hanlon (Score 1) 153

I suppose this makes sense. If you select port 80 it is more likely to be noticed or more likely to be intercepted and/or mangled by proxies and AG's, making it difficult to transport non-HTTP data streams.

Port 443 would best allow for an unmolested arbitrary stream while remaining most unlikely to be filtered.

The rest I can't explain... is there really such a big ass market for ads and data justifying such behavior or is some of this at least partially being "subsidized" by state actors? The mindset and thinking not just of Samsung but of growing numbers of vendors strikes me as both disgusting and unsustainable.

Comment Re:As a BeOS fan (Score 1) 149

Let me be the first to say that Yandex sounds like a bunch of whiny losers if this is their comparison. Google isn't imposing anti-competitive contracts on OEMs and using secret APIs to give their products a home turf advantage. They've open sourced the entire OS and most of the problems getting a competing product on an Android device is due to OEM malfeasance.

Google Play services are not open source, and their APIs are by design required to run an increasing number of apps. Google Play services are available for bundling exclusively at Google's pleasure on their terms.

If you don't have Google Play, not only is the Google app store unavailable, multiple Google services integrating with Google Play services are also unavailable to you.

If Microsoft had competed with Be and Netscape back then like this, I'd be running Firefox on BeOS R10.5 not Windows 7.

They are clearly leveraging their position to enforce artificial dependencies and behaviors favorable to themselves, just like Micro$oft did years ago, and just like Microsoft it's all closed source.

Comment Re:Remoting status using Wayland? (Score 1) 189

SCP moves one file. SSH doesn't move any. RDP makes every file the target has access to directly accessible as a file share on the client even if you don't want it to.

CryptoLocker running on the client wouldn't have seen the files the target could access at all had the connection been VNC, X, or ssh.

So this is just a security by obscurity play. The assertion is that since a particular instance of malware lacks a feature set enabling it to detect and subvert SSH connections from a compromised client, SSH is more secure than RDP, even though both offer functionally equivalent access.

Sounds like all the wrong lessons have been learned from this security breach.

Also worth noting: RDP maps the client's local resources to the remote server, not the other way around.

Comment Re:Remoting status using Wayland? (Score 1) 189

Wow, you are desperately working to miss it!

Right back at ya.

The file sharing that allowed the nasty on the remote terminal to get at the fileserver was not required and was not part of the reason for allowing that RDP connection. But it was there because RDP in the wild overshares by default.

SSH and X don't tend to overshare by default. You can do port redirection, but only by explicitly asking for it.

Can you explain the difference between a share allowed with an RDP connection and the use of SCP over SSH which is enabled and allowed by default?

If you own the client and the client logs on to something, it would seem to me this is game over: you must assume everything the client has access to was compromised unless you have reason to believe otherwise... As we already know, SSH provides file system access by default to all clients. I'm failing to comprehend the difference.
