
Comment Re:What matters is who pays for the breach (Score 3, Interesting) 18

I did security audits and the company that did the second best was a toy company. They did better than any banks, every government agency we audited and all the defense contractors. The difference was that if this toy company got the security wrong they would lose large amounts of money. If a bank or the government f#$ks up security they don't bear the pain.

I did security consulting for 15 years, all sorts of industries. Banks are among the worst. It's not because they don't lose money, it's because banks view security entirely through a financial lens. It's always about "how much fraud will this mitigate, and does the security cost more than eating the fraud", plus they also use a lot of procedural mitigations -- plus of course they're always looking to see if there's some other party they can shift the fraud cost to, though that's less effective than you might think.

Anyway, I always chuckle when I hear someone use the phrase "bank grade security", because I mentally translate it to "Not quite shitty enough to get hurt too bad".

I also did lots of defense work, even working directly with various militaries around the world. US military security varies wildly. By far the best I saw was the Israeli Ministry of Defense. They were serious. But "military grade security" is also good for a laugh, not so much because militaries have terrible security (it's mixed), but because the phrase has no real meaning and it's strong evidence that the speaker doesn't know anything about security. If I see "military grade security" in a product description, I immediately classify it as snake oil until proven otherwise. And it takes a lot of evidence to prove otherwise. Though sometimes stuff is actually good and it's just the clueless marketers who slap the label on it -- though it's still a bad sign that the clued-in don't have enough power in the company to get them to change it.

Just for completeness I'll mention that the very best security I've seen was at Google. Google hires smart security engineers, has lots of resources to throw at the problem, and really cares about it. I mean actually cares about making sure it's good, not just checking the boxes. Well, all that was definitely true when I joined Google in 2011. It's still mostly true, though there is some box-checking creeping in... but it's far from harmful as of yet because the security infrastructure is so very, very good. I left Google last year, and that's one of the things I miss, although my new employer also has some really good security people.

Comment Re:Homo Sapiens, last survivor (Score 1) 61

You're absolutely right that survival has been dumb luck by humans so far, and that acting intelligently and globally will be a requirement. Humans, I'm sad to say, just don't show that kind of competence.

This is unfair to us. We have, in fact, repeatedly demonstrated our ability to act intelligently and globally. We have largely ended the worst forms of industrial pollution, solved the problem with the ozone layer and ended acid rain. It's true that we're not doing so well with climate change, but that's because we aren't doing enough, not that we aren't doing a lot, because we are. The power grid in my redder-than-red state is 60% wind and solar. China is building renewable energy capacity like crazy, and a lot of the developing world is just skipping the dirty power generation entirely. Yes, we need to do more, and our tardiness in doing it is going to cause us significant suffering. But we are making progress, and will continue.

We've also managed not to detonate more than two nukes on people in the going-on-a-century since we invented them.

I think the biggest risk we pose to ourselves is AI. If we can survive that, I think we'll probably survive the rest. No guarantees, of course, but the outlook is not nearly as bleak as you paint it. I know it feels good to be cynical, but that feeling doesn't make the conclusions accurate.

Also, consider that previous species of homo were incapable of even creating the problems that we're solving. They also could never have reached our population levels, or the level of safety and comfort that we take for granted. We are by far the most competent species of homo... but that is no guarantee. The others didn't get a guarantee either.

Comment Re:An old joke (Score 1) 21

Science invalidates a joke!

Though... "Cancer protects you from Alzheimer's" is a pretty good one-liner by itself. At least, my response was to say "Well... shit", and chuckle.

Though if we can synthesize the anti-Alzheimer's protein that cancer produces, and if it's really effective, and if it doesn't have other nasty effects, this could result in a good anti-Alzheimer's drug.

Comment Re:Not for me (Score 1) 66

If I hadn't gone to the airport early to take a bath,

Take a bath at an airport?!?!?

Putting aside the very idea of bathing at an airport being weird....WTF would you bathe AT an airport?

Hell, I hate to just sit and take a shit at an airport and only do that if I can't possibly wait.....can't imagine bathing? Soap? Shampoo? And where is a tub?!?!

Comment Re:Imagine... (Score 1) 54

I'd prefer to imagine a legislative branch that did that.

Bwahahaha!! Wow, what a mistake. Yeah, absolutely legislative. I wonder what I was thinking.

To be fair to you, it's been so long since any of our three branches of federal government have actually done the job they were supposed to, it's all sort of become a giant blur of ineffectiveness when looking at it from a distance.

Too true...

On a related note, I found Justice Sotomayor's discussion of this point in a recent case to be really enlightening. She pointed out that basically since the New Deal, all of the powerful executive agencies we've established have each taken on legislative and judicial roles in addition to executive roles, but from a separation of powers view this was actually fine. Not "fine" in the sense that it's the separation of powers framework defined by the Constitution, because it's clearly not, but "fine" in the sense that because each of the agencies was empowered to make rules and adjudicate their applications only within one particular subject matter area, and because those agencies had a great deal of independence from the top-level executive branch (i.e. the president), and complete independence from one another, this scheme actually provided an effective separation of powers that protected the country from autocracy while getting stuff done. You could say it complied with the spirit of the Constitution, but not the letter.

Beyond Constitutionality, the other thing the scheme did was to enable the various agencies to be effective, able to react to a changing world by revising rules, and able to enforce those rules. This lessened the need for an efficient and hard-working legislative branch and also reduced the load on the judicial branch. Unfortunately, I think the legislative branch in particular reacted by becoming a do-nothing body, and they were able to do that without the whole system grinding to a halt because the agencies took up the slack.

My point? None, really. Just observing how we got where we are.

Of course, that explanation by Sotomayor was in the context of a case where the executive is trying to break the independence of the agencies, to gather all of their disparate powers into the hands of the president and thereby defeat the separation of powers that was achieved by the siloing, which would theoretically give the president all of the legislative and judicial power that those agencies had amassed. So, yeah, that's definitely bad. Even rabid Trump supporters should recognize that if all that power rests in the White House (i.e., a King), there will eventually be a king who uses that power in ways they really, really don't like. "Should" being the operative word.

Comment Re: Jokes aside: End-to-end (Score 1) 110

I see where you are coming from on this, and I misspoke failing to consider that in the WhatsGarbage scenario Meta functions as their own CA. It's no excuse but I read Schneier's "Secrets and Lies" circa 2000 and was apparently misremembering. I could have sworn there was a way to do key negotiation without a CA.

There are lots of alternatives to using a CA... but what you must have is some way to authenticate the other party's public key. If you're encrypting to a public key you can't authenticate you know you're creating a message that only the entity with the private key can read, but you don't know who that is.

As for what you remember, it's been a long time since I read that book, but given the timeframe he may have been thinking about identity-based PK, which seemed like a great solution for a while. Identity-based PK systems use a trusted third party (TTP) to derive public/private key pairs from an identity string (e.g., your email address) in some way, so that either anyone can verify that a public key is associated with the identity string or, in the cooler ones, so that it's possible for anyone to deterministically derive your public key from your identity string. This is a super clever idea because "your name is your key", but it relies on total trust in the TTP and I think that's why no systems based on the idea have taken off.

Comment Re:Imagine... (Score 1) 54

Imagine what it would be like to have an efficient and hard-working executive branch, so that rather than making judges scratch their heads to figure out how to fit an old square peg into a new round hole, we could pass a new law that fits the modern context.

Er, I meant legislative branch. Wow. I can't believe I typed executive there. Embrace the autocracy?

Comment Re: Jokes aside: End-to-end (Score 1) 110

If they don't have my private key and the recipient's private key then how exactly do you expect them to MITM it? If what you are saying was true then the entire banking industry would collapse. You do know that having the wrong public key doesn't allow you to decrypt the message, right? This is literally why PKI works.

You need to read my previous post, and understand it.

The reason MITM isn't a problem for online banking (and TLS in general) is certificate authorities. As I said, it's an authentication problem. For web servers (and other TLS uses) what you need to verify (authenticate!) is that the public key the server handed you belongs to the site your browser thinks it's talking to. To make that work, the public key comes in a certificate that (a) contains the domain name of the server and (b) is signed by a trusted certificate authority. Your browser comes with a pre-installed list of trusted CA public keys, which it can use to verify those signatures.

So, as long as CAs only sign certs when they've verified that the private key is owned by the same entity that controls the server, it's secure. And with a few significant exceptions, they have been quite good about that, at least to the extent of it not being possible for entities other than nation-state intelligence agencies to subvert the CAs. I don't know that nation-state intelligence agencies do this, but I'm pretty sure they could. But they have no interest in your bank account, at least not enough interest to be willing to divulge the fact that they can MITM TLS connections. There are also some other mitigations in use that make this harder and riskier for them (notably, Certificate Transparency; Google it if you're interested).

At the risk of appearing to argue from authority, I've been a professional cryptographic security engineer for over 30 years, the last 15 of which were as a crypto security engineer at Google, designing and building a lot of the stuff that makes the net work, including widely-used international standards that have stood up to academic cryptanalysis. I'm always happy to answer questions and explain things, but your starting assumption should be that I know what I'm talking about. I certainly make mistakes, but this stuff is super basic.
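
The check described in the comments above (a public key is only useful once something authenticates whose it is, and in TLS that something is a CA signature over the domain name and the key), as an added example that is not part of the original comments. The textbook-RSA keys, `bank.example`, the key byte strings and all function names are constructed for illustration; the key sizes and unpadded signing are not suitable for real use.

```python
import hashlib

# Toy textbook-RSA keys built from Mersenne primes: far too small and unpadded
# for real use; they only make the signature check below executable offline.
def make_ca(p, q, e=65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return {"n": n, "e": e, "d": d}

def _digest(domain, server_pub, n):
    # Length-prefix the domain so (domain, key) pairs cannot be confused.
    data = len(domain).to_bytes(2, "big") + domain.encode() + server_pub
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue_cert(ca, domain, server_pub):
    """CA side: bind a domain name to a public key by signing both."""
    sig = pow(_digest(domain, server_pub, ca["n"]), ca["d"], ca["n"])
    return {"domain": domain, "pub": server_pub, "sig": sig}

def verify_cert(trusted_cas, cert, expected_domain):
    """Client side: accept the key only if a trusted CA vouches for this name."""
    if cert["domain"] != expected_domain:
        return False
    for n, e in trusted_cas:
        if pow(cert["sig"], e, n) == _digest(cert["domain"], cert["pub"], n):
            return True
    return False

# Constructed sample data: two CAs, only one of which the client trusts.
TRUSTED_CA = make_ca(2**61 - 1, 2**89 - 1)
OTHER_CA = make_ca(2**107 - 1, 2**127 - 1)
TRUST_STORE = [(TRUSTED_CA["n"], TRUSTED_CA["e"])]  # pre-installed CA public keys

BANK_KEY = b"constructed-bank-public-key"
SUBSTITUTE_KEY = b"constructed-substituted-key"

good = issue_cert(TRUSTED_CA, "bank.example", BANK_KEY)
swapped = dict(good, pub=SUBSTITUTE_KEY)  # key replaced in transit, old signature
wrong_name = issue_cert(TRUSTED_CA, "other.example", SUBSTITUTE_KEY)
untrusted = issue_cert(OTHER_CA, "bank.example", SUBSTITUTE_KEY)

if __name__ == "__main__":
    for label, cert in [("good", good), ("swapped", swapped),
                        ("wrong_name", wrong_name), ("untrusted", untrusted)]:
        print(label, verify_cert(TRUST_STORE, cert, "bank.example"))
```

Only the first certificate is accepted: a substituted key fails the signature check, a validly signed certificate for another name fails the domain check, and a signature from a CA outside the trust store is ignored.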

Comment Re:Airplane mode behind device lock (Score 1) 32

How about putting the airplane mode switch behind the device lock so a thief can't grab your phone and immediately put it in airplane mode to stop it being tracked?

Standard on Samsung phones, inexplicably not on Google Pixel (I have both).

Three reasons:

1. It doesn't work. A thief can drop your phone in a Faraday bag faster than turning on airplane mode. And, yes, phone thieves carry Faraday bags just for this reason.
2. Pixel has "Offline Device Lock". You have to enable it (Settings -> Security & privacy -> Device unlock -> Theft protection), but if your device goes offline for any reason -- airplane mode, Faraday bag, whatever, your device will lock after a couple of minutes. It's a little annoying to have to unlock your phone after you get on the plane, but with biometrics that's pretty trivial.
3. Pixel has "Theft Detection Lock". Again, you have to enable it, but it uses the accelerometer and on-device AI to notice when someone snatches your unlocked phone out of your hand. If this happens it engages the screen lock instantly. The snatch detection is surprisingly accurate; few false positives and basically zero false negatives.

While I'm at it, I should also mention that Pixel has a Remote Lock feature (also has to be enabled). This only works if the phone is still online (obviously), but if you can get to a browser somewhere you can go to https://android.com/lock and type in your phone number to lock your phone remotely. This feature generated a lot of discussion in Google because of the obvious risk that someone who knows your number can annoy you by repeatedly locking your phone, but the team found a good solution. If someone does that to you your phone notifies you that it was locked remotely and offers you the opportunity to set an unlock secret which has to be typed in addition to the phone number to remote lock.

You could already remotely lock your phone with Find My Device (https://android.com/find) but that requires that you're able to log into your Google account. Lots of Android users don't even know they have a Google account because someone at the Verizon store (or whatever) created it for them without telling them, and those who heavily use their Google account may have MFA set up, so it might not be easy to log in without their phone, or might take longer.

Comment Re: Jokes aside: End-to-end (Score 1) 110

I'm going to assume you didn't read the post to which I replied.

I certainly did. Pinky's Brain made an excellent point about how Meta can trivially MITM end to end encryption unless there's a way to authenticate the other person's public key. He was entirely correct, and you were incorrect to dismiss his comment, which was the point of my reply -- to educate you (and anyone else interested) on why he was right.
