1. Are you actually white hat if you're spilling secrets that aren't yours to tell?

He looked at the firmware that was installed in a car the he (I presume) owned, and published his findings. If you want to keep something like this a secret don't distribute this "secret" in a firmware update that every single Tesla owner receives.

I'm so going to get buried by mods who disagree rather than marked informative, but here goes.

I moved to Rio 6 months ago from New Jersey. (Yeah, I know, NJ is the land where every puddle has its own rainbow.) I know 4 other people who moved here from the US within the last 2 years. Not one of us has gotten sick.

How often do you swim in the rivers/lakes there, or do other water sports?

Okay, I'll stop with the anecdotal evidence now. How about, this place is CLEANER than New York City. How many folks swim in the Hudson or the East River?.

Nobody is trying to have an Olympic event in the Hudson or the East River.

Stop playing telephone and ask someone who's been there - Rio is Fine; far cleaner than many other cities I've seen.

Maybe so, but that doesn't have anything to do with the fact that the lakes/rivers are so polluted that you shouldn't be having athletic competitions in them.

And I'm sure that when you were a teen you never did anything that would upset your parents when they weren't watching you. Be careful what you wish for. Your actions now may cause your kid to distrust you for the rest of his life.

At the very least, if I knew I was being watched while I drove the car, I would just have a friend come pick me up. If you decided to track my cell phone, the next time you did it I would just leave my phone at home. Done, now you can't track my habits, you don't know where I am, AND you can't reach me.

Have fun with that.

Just use the fingerprints of the criminals. Or clone the phone and brute-force the pin-code.

Or use all the rest of the logging taking place to see who they communicated with and when, and ignore the little data on the phone. A phone is just a computer. The problem is, politicians don't realise this.

After 24 hours of non-use, a passcode/password is REQUIRED to unlock the phone. TouchID won't do it after 24 hours. Also, touchID locks itself out after five failed fingerprint attempts. You need a passcode/password after that.

Nothing in the GPL forces you to contribute back changes. You can download GPL'd code, change it however you want, and use it on your own systems to your heart's desire, without having to contribute anything.

However, if you download GPL'd code, modify it, and distribute a binary, you must distribute your code changes under the GPL. If you don't want to do that, write your own damn code from scratch. None of this is forced upon you.

That's a bit disingenuous. The motto of the "disruption" crowd is explicitly 'better to have your lawyers fight for dismissal than ask for permission', particularly when it comes to the structure of laws and regulations that have been put in place to protect incumbent business models from damage and exploitation.

Fixed that for you.

"Superfish has completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active. This disables Superfish for all products in market.
Lenovo stopped preloading the software in January.
We will not preload this software in the future."

However, later in the post they state that the root CA will remain intact. The private key has already been extracted and cracked, so this leaves Lenovo users still open to a very easy MITM attack.

