How will stop voting improve the situation?
It will reveal the truth: absolutely nothing will change regardless of if anyone votes or not.
Even better, perhaps a standard of crypto token that works with USB? Right now, there is one for cards, but for USB tokens, I need special drivers for every maker (be it Safenet, Gemalto, or whomever.)
That way, the private ssh key can be used on the device, but never leaves it unless one is doing a backup of it to another device, or to other media where it is stored (encrypted with a passphrase) for safekeeping.
For two factor authentication, things like the Google Authenticator is good enough. The only improvement I can see with that would be going to a public/private key system or having a hardened authentication server that used Kerberos. We really do not need more hardware dongles that are not really a standard. Having standardized hardware key protection for SSH private keys would be nice, but oftentimes, the perfect is the enemy of the good... if we can go with SSH keys/certificates and/or a standardized OTP, that is 95% of the battle right there... an attacker would then have to start attacking individual endpoints.
Here is what I do to secure my Android device:
1: Unlock the bootloader, flash a CM or custom ROM that doesn't sport crapware.
2: Encrypt the device with a screen locker PIN 4+ digits. I personally use six for this, just for ease of typing.
3: Use "su -c vdc cryptfs changepw foobar" to change the passphrase. This separates the passphrase Android asks for at boot versus the screen unlocker PIN. Of course, if you change the screen password, the cryptfs password will change, so you will need to use root and change it again, or use an app for this.
The advantage of this method is that the boot password can be very secure, while the password to get past the screen locker can be easy to type in.
4: Relock the bootloader. This forces someone to have to erase the data partition if they want to reflash.
5: Install a third party security app like Cerberus or Lookout that can locate and remotely erase the device, or just sound a siren until the holder trashes it. Some utilities can go into
6: If the device has a SD card, consider using an EncFS app to mount and store files under. This way, anything written is immediately encrypted.
7: Use Titanium Backup Pro with encryption and saving to a remote cloud provider. TB's encryption is remarkably sane (it uses private/public key, so the passphrase is only needed on a restore), and storing copies of backups remotely means that data is still obtainable even if the phone is lost. It does require root though.
8: Unless directly in use, keep USB and ADB completely off until needed.
9: Use a utility that demands a PIN before various apps can launch, especially preferences and an app that pops up a console/shell window.
10: Use a TRIM utility that runs in the background. This way, if the data isn't encrypted, it is not existing.
These will help protect data on a phone. If stolen, the attacker would have a few guesses on the PIN before the device locks them out. A reboot will force the attacker against the full passphrase. A data wipe will still mean Cerebus or a security program is still in
Of course, there is the physical hardware loss, which insurance might cover (Asurion for example), and stored data can be recovered via Titanium Backup. However, done right, an Android phone can be made decently resistant to theft or physical attacks.
The reason why one should use a utility to PIN protect apps and app groups is that if the phone is swiped before the screen locker comes on (for example, out of the user's hands directly). That way, assuming preferences and other settings are secure, a thief has limited run on what is available on the phone.
Expect the road haulage industry to be utterly against any form of fairness, despite the fact that they objectively cause the majority of problems (due to miles travelled and weight moved).
As much as I enjoy driving, I have spoken out on this very issue in this and other fora time and again, and I agree. We need more rail, and less trucks. Ideally eventually PRT could replace all but everything else. I would prefer to live in a world without tire dust. I don't mind some off-road tomfoolery but this whole notion of driving around on rubber tires on asphalt roads is ridiculous.
That's a bit like telling a career criminal that he should better not do a petty crime. Like telling a murderer that it's not ok to steal a car to drive to his victim.
So the correct answer to this question was the one ESR asked - for who and for what?
That's why I asked him to specify criteria when he answered. IMNSHO, the answer is almost entirely dependent on the criteria, as evidenced by the poster above who mentioned the FNFAL, etc.
Nah, PHP still is used for those things. It shouldn't. The fucking language should DIE. But it's still there. It spreads like a virus, people get exposed to it because they're forced to hack their Wordpress distribution, and the next thing you know they're thinking it's "pretty cool".
Visual Basic was never this bad.
'cause all the money they had went into the product and nothing was left for the PR department?
15. How often do we get to hear about it? I read about it on $otherpage $time ago.