People often recommend using VPNs to protect traffic when using public WiFi networks, etc. The hypothetical attack would be a malicious public WiFi network using a DHCP server that sets static routes for the IP addresses of servers they want to intercept traffic to. The static routes described in DHCP take precedence over the default route for the VPN.

For example, suppose I want to intercept traffic to Slashdot:

• I set up the DHCP server on my public WiFi network to announce static routes for 104.18.5.215 and 104.18.5.215 leading to my malicious router.
• You connect to my WiFi network, and connect to your VPN in the hope that it will protect your traffic from malicious parties on the untrusted public WiFi network.
• Your VPN creates a default route leading to its virtual interface to send all IP traffic across the tunnel, but the static routes configured via DHCP take precedence for 104.18.5.215 and 104.18.5.215.
• Your Slashdot browsing traffic is routed via my malicious router while the rest of your traffic goes across your VPN.

I only knew about it from Slashdot. I don't think I read TFA as it didn't look very interesting. Most of the comments were asking what the point of it is. But it must have got coverage somewhere for Slashdot to link to the stories in the first place.

When that secedes, then try on the far side.

You should learn the language before making a fool of yourself.

It's something to do with the agreements Google forces on the phone manufacturers. Android itself is free, but Google attaches various conditions to the licenses to sell phones with GMail, Google Maps, etc. pre-installed.

A pretty well-known condition is that Chrome must be pre-installed if any other Google apps are pre-installed. Previously they required that Google apps be the default handlers for everything if Google apps are pre-installed (Chrome must be default web browser, GMail must be default e-mail handler, Google Messages must be default SMS handler, etc.). The EU decided that the requirement that Chrome be the default browser is unreasonable years ago, so Android phones sold in the EU may have different default browsers.

(As an aside, although I don't use most of the Google apps, changing the defaults and uninstalling/disabling Google apps when possible, along with Facebook and the rest of that pre-installed crap, is a minor one-time annoyance for me when buying a new phone. You have to do the same thing after installing an OS on a PC after all. It's probably more of an issue for people who aren't tech-savvy.)

The majority of people are going to want to use at least one of the Google apps, and needing to install them after buying the phone is apparently too much of a burden for people who aren't techies. It's got to have that stuff out-of-the box. So the phone manufacturers will usually put up with whatever conditions Google demands. Samsung are big enough that they can tell Google to piss off if they believe the terms are unreasonable, but most of the other phone companies aren't in that position.

This brings us to the specific thing Epic is complaining about. Epic were negotiating with a few of the phone manufacturers (Oppo, OnePlus, etc.) to sell phones with the Epic store pre-installed. Google heard about this, and told the manufacturers that their licenses to sell phones with Google apps pre-installed would be terminated if they sold phones with the Epic store pre-installed. The phone manufacturers can't afford to lose the license to pre-install the Google apps, so they walked away from the deals with Epic, so there are still no phones with the Epic store pre-installed.

Epic's complaint is that attaching this condition to the licenses to pre-install Google apps unfairly stifles competition, as it prevents them from having their app store pre-installed on phones, raising the minimum effort a potential customer requires to discover/purchase something from them.

does side loading need an trusted dev's setting like mac os?

No. At least on a Samsung phone, when you try to side-load an app, you get a security prompt from the OS, and you can then use the settings app to grant permission for side-loading once. You can also grant permission for an app to side-load apps without requiring manual approval each time (you'd do this for an app store).

not allowed to set an flag that make side loading on = that other apps can check and then not work?

No, an app can't tell if you've granted permission for another app to side-load apps or whether side-loaded apps are installed. Apps can tell if the phone is rooted or has an unsigned bootloader installed, though.

That's only a problem in places with incompetently bad infrastructure. I've been using VoLTE for over five years with no problems whatsoever. The most noticeable change over 3G is better talk time due to the more efficient modulation.

add a toggle to disable VoLTE calls

With 3G being phased out, you'd be stuck on WiFi calling if you did that, effectively defeating the purpose of having a cellular phone.

There's no such thing as an ASR33. It's a Teletype Model 33 ASR (ASR meaning Automatic Send and Receive, as it had a paper tape reader and punch). The Model 33 came in other variants, like Model 33 KSR (Keyboard Send and Receive - no paper tape reader or punch), and Model 33 RO (Receive Only - no keyboard, paper tape reader or punch).

CSS used 40-bit encryption to comply with '90s "national security" laws that treated anything stronger as munitions and banned export. They used a proprietary stream cipher, with details only available for a fee. It had three major vulnerabilities, the most severe of which was that a disc key could be recovered from its hash with a complexity of 2^25 - this meant a disc could be cracked in under twenty seconds on a 450MHz Pentium III.

Yes, it's a site license model where you pay per seat with a rather large minimum number of seats. But the commenter you're replying to is telling you to install it and activate it using illegitimate servers. They're advising people to replace their (presumably OEM-licensed) copy of Windows Home with a pirated installation of Windows Enterprise.

Since the late 1980s, we've had 300kph from city centre to city centre with timely connections to fast local public transport infrastructure

No you haven't. 300km/h service only started in the 1990s with TGV-R, etc.

They replaced yum (Yellow Dog Update Modified) with DNF years ago, after they decided maintaining yum was too hard and it was easier to write a replacement from scratch. They just haven't managed to get the new DNF5 production ready. I don't know what the big changes in DNF5 over older versions of DNF are supposed to be.

DNF, like yum before it, uses RPM package management under the hood. It's mostly a tool for dealing with package repositories, notifying the user about updates, etc.

Musical.ly was tiny when they acquired it. They got the vast majority of their userbase organically.

A bunch of stuff about it was really amateurish. The valgrind errors, using the same account for multiple parts of the attack, using sockpuppets who had no presence outside shilling for "JiaTan". I'd expect better from any competent government agency.

Nope, Seattle Computer Products didn't design it. CP/M already used 8.3 filenames, and the original FAT filesystem used by QDOS was a copy of the filesystem format used by Microsoft Standalone Disk BASIC, which used 8.3 filenames to imitate CP/M. It got to QDOS from CP/M via Microsoft.