Actually Linux is my primary OS. But how does that help the rest of the world? A solution that improves security for the technocrati is great, but not really worth deploying to the masses. And until it's worth deploying to the masses, it's just not going to be generally available to the few.
And even on Linux the security isn't impenetrable.
Also, no, you don't need root to install new software on Linux, unless you want that software to be accessible to all users. That's not the way most repository interfaces are configured to operate, but you can always install software directly as well, just download and run the install script. Even back in University I had a library of personal software installed on my locked-down university account.
According to Elias as the oil companies were shipping out that fuel, they reaped unprecedented profits reportedly approaching $1.50 for every gallon of gasoline they sold at the higher prices. "Gasoline prices are determined by market forces, and individuals who understand how commodity markets work have recently testified that those markets are working as they should," responded Catherine Reheis-Boyd, President of the Western States Petroleum Association, to charges of price gouging. "All of the many government investigations into gasoline markets in recent years have concluded that supply and demand are the primary reason gas prices go up and down." Kathleen Foote, who heads up the antitrust division at the California attorney general’s office, agreed that the industry operates like an oligopoly in the state. But proving price fixing is difficult in a field where only a few players exist. "This system is made to break because oil refineries keep it running on empty," concludes Court. "They have every incentive to create a price spike like this."
Link to Original Source
The new FCC rules are in effect in the United States from June 2nd 2015 for WiFi devices such as Access Points. They require to have the firmware locked down so End-Users can’t operate with non-compliant parameters (channels/frequencies, transmit power, DFS, ). In response, WiFi access point vendors start to lock down firmwares to prevent custom firmwares (such as OpenWRT) to be installed, using code signing, etc.
Read more: http://www.cnx-software.com/20...
Link to Original Source
Key- and screen-loggers? Pretty standard stuff I believe. All that's required is the wrong virus or trojan sneaking on to your machine somehow.
The main point is only that only one thing is needed to compromise security - knowledge - and thus is a stretch to cal two-factor under the traditional definition (at least so far as I understand it. I'm a programmer, but no expert on security)
I certainly don't contest the challenge that it's probably significantly more difficult to bypass. At first glance it would seem to have great potential, IF done well. But I don't even know enough details to judge the theory, and as always implementation details will likely expose far more vulnerabilties to hackers. The question is, would it continue to be fundamentally more secure if it became the primary means of security, or is it's primary benefit that of being a small small enough target that it's not worth the effort?
A wonderful idea! Unfortunately politicians make the laws, and their campaigns are funded by bankers, so it seems unlikely to be be achievable.
No, that is why we have regulation by an ideally democratic government - to impose those rules upon the entire marketplace that cannot realistically be instated any other way. Because just like most other Tragedy of the Commons situations, if everyone behaves with rational self-interest, then everybody loses. It's only by having rules imposed by a collectively empowered authority that we can align rational self-interest and our own best interests.
>because it's actually more than two-factor authentication
Kind of, maybe, but you really have to stretch the definition. Two factor authentication is typically a combination two of:
- something you know
- something you have (physical object)
- something that's an inherent characteristic (biometric data)
specifically so that it's extremely unlikely that an unauthorized user can get access to more than one of them.
Meanwhile yours (from what I can guess from your under-specified description) involves:
-Picture (keyfile?) that's stored online where anyone can get it (and how do you access it? a password?)
And yes, that's considerably more challenging to hack than a simple password alone, but it still sounds like it only involves "something you know", and thus offers none of the more concrete protections offered by more traditional two-factor authentication. All it takes is someone filming your keyboard and screen while you log in and your security is completely bypassed. Not appreciably more difficult to hack than a completely random 30-character password that can be conveniently stored in an encrypted password manager on a USB flash drive accessible via passphrase, which provides quasi-twofactor authentication on the front end. You can watch me enter my passphrase, but without also having the file on my USB drive it won't help you log into any of my accounts
Granted, that's not as convenient on phones/tablets/etc, but given how common spyware of various types is on such devices I'd be *extremely* hesitant to access anything actually important from those unless you completely refused to install any software that has the potential to monitor your activities - a call that's becoming increasingly difficult to make even for the competent.