Considering the current bloodbath over at CISA and the ongoing sabotage of the rest of the nation's cybersecurity infrastructure at the behest of Comrade Trump, I'd say the government is the last place to look for help keeping your secrets out of the hands of the competition.

This is what APIs are for, surely?

We've learned complaining only draws more calls.

It's been a long time since I read The Invisible Man, but I seen to recall that his mechanism was chemical as well; something he ate or drank that turned his cells transparent.

Because Zonai devices are magic.

Seem to be a number of down sites right now. Larger AWS issue perhaps. It's almost like recentralizing the decentralized internet was a bad idea!

I feel like Firefox continues to exist despite the foundation's efforts rather than because of them.

Heh, unless you work for a GM dealership, you have NO idea how bad GM is at IT. Their dealer-side website still does not officially support anything other than IE8. Business reporting relies on ActiveX integration with Excel, and only works properly with Excel 2000 and 2003. It can be made to work under 2007, but they don't support anything higher. Parts of the service-related workbenches still use VBScript. It used to be accessible only over a super-slow satellite link, but they changed that a few years ago, thank god.

To be fair, though, Toyota's web back-end, Dealer Daily, is even worse. IE-only, accessible only through a dedicated T1 which may not be used for anything else (but which you still pay full price for, of course). Blank page under anything other than IE.

Come to think of it, a lot of dealership stuff is locked on IE. Dealertrack (intentionally locks out non-IE browsers), Dealersocket CRM (featured-limited under non-IE browsers). ADP is the biggest supplier of dealership management software in the US and most of their stuff is entirely reliant on IE.

It's a pathetic state of affairs.

As long as it doesn't break Noscript, I'm ok with this. It really IS folly to try to use the modern web without any javascript at all, but with Noscript I can still pick and choose which sites are allowed to run it in my browser.

That was the point. It's not hard. I'm a general IT guy and I was able to do it easily. These PDs are saying they need Apple's help bypassing lock codes. Not just passwords, but lock codes like the one I bruteforced with free tools in a few hours. That they claim to need Apple's help for that is ridiculous.

Who mentioned Google? I'm assuming Android device lockcodes are just as easily bruteforced, probably moreso; I've just never had occasion to need to get into one before.

Brute-forcing an iPhone's lock code is relatively trivial with freely available tools. This puts the device in DFU mode, so "Erase device on X unlock attempts" doesn't take effect. That version of the tools only bruteforces lockcodes, but there's no theoretical reason you couldn't try at least a dictionary attack on a password, too. Since it's also possible to dump the hardware key and a complete (encrypted) image, I imagine an offline attack on the image is possible, too. You wouldn't have to rely on the relatively slow hardware in the iPhone.

Using those tools I have successfully bruteforced the 4-digit lockcode to an iDevice running 6.0.2, and that's with no prior experience with or knowledge of iOS. I even used an emulated Mac to compile the necessary firmware patch. And that's just what I was able to do in with a few hours of fiddling. There are people who do this for a living, and tools dedicated specifically to extracting data from mobile devices. Are these PDs really saying they can't get into devices with simple lock codes?

Don't forget incubating for 15+ minutes in a cramped room with a lot of other sick people, all coughing and sneezing. If you weren't sick when you arrived, you certainly will be when you leave.

Same here. Someday my 10 btc will make me rich beyond measure, you just wait.

I do this, and I thoroughly enjoy it. It will end pretty soon, though, once the cable conglomerates get any semblance of network neutrality off the table. Then they'll just make up some excuse to block or throttle Netflix, Hulu, and the rest. In fact, they don't even have to get involved in the whole NN debate; the data caps they impose will soon make it financially unfeasible to continue streaming any service other than their own, which will be overpriced and offer a poorer selection.