One browser to rule them all
and the next step is that Google Docs will only work properly in Chrome.
Google's developing a monopoly Microsoft could only dream of 20 years ago.
257 posts • joined 25 Feb 2011
There are serious issues here, this should not be uncovered in a simulator; it should have been found during unit tests.
As someone who has written code for avionics, every possible state and function needs to be called and tested by the code tests. Any code that that wasn't tested cannot be flown. Any state or possible state transition that was not tested is explicitly dis-allowed.
The "vault" feature is just an extra layer of security to access the file. The files are still not end-to-end encrypted. Microsoft can still access your files, should they wish. For real encryption, encrypt at the source using Truecrypt or a automated cloud drive encryptor like SyncDocs.
Exactly, the guilty executives left with multi-million dollar bonuses.
It was reported on at the time of the hack, that Susan Mauldin, the woman in charge of the Equifax's data security, has a bachelor's degree and a master of fine arts degree in music composition from the University of Georgia, according to her LinkedIn profile. Mauldin's LinkedIn profile lists no education related to technology or security.
If that wasn't enough, news outlet MarketWatch reported hat Susan Mauldin's LinkedIn page was made private and her last name was replaced with "M", in a move that appears to keep her education background secret.
So ignorance was followed by cover-up, and payouts to the guilty. The 120 million affected people in the hacked files are the victims, but will get zero relief.
The UK government actually runs something called the "Huawei Cyber Security Evaluation Centre".
They've looked through all the source code and so far have found no back-doors, only bugs.
You can even read Her Majesty's Government reports on it:
...which is why Google still does not support at-rest encryption of the data stored on its cloud. You'll need to add a third-party plugin like Syncdocs https://syncdocs.com to encrypt your files on Google Drive.
How Google plan on restricting access to certain regions is unknown. Will they do it via an IP geolocation database, or via the Google user's self-reported country?
you left of some juicy details from the Bloomberg article:
"In 2009 the company announced a development partnership with In-Q-Tel Inc., the CIA’s investment arm, a deal that paved the way for Elemental servers to be used in national security missions across the U.S. government.
Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not."
Aussie customs (called "Border Force") have similar laws. But the fine is bigger and they can detain you until you divulge the password, confiscate the phone and laptop.
If you do unlock it they can copy all the data on the laptop, phone and associated cloud accounts.
DRAM will also fade out, so you have to act fast, how fast depends on temperature - note the coolant spray used in the video.
Modern Windows apps also should store passwords etc in secure storage provided by the OS, which is encrypted.
Windows 10 also compresses the RAM pages, which I guess was disabled to make this attack easier.
I'm not sure why the Yubikey can't be turned into a smartphone app that communicates to your PC via bluetooth. A "soft" yubikey would add to the market take-up of this technology. In the meantime I use Syncdocs to do full end-to-end encryption of Google Drive, as I don't want to put un-encrypted files on the cloud.
Biting the hand that feeds IT © 1998–2021