
Comment Re:The real gift. (Score 1) 28

I spend A LOT of effort to make certain I see no ads. It is shocking to see how other people interact with tech. Why would anyone put up unfiltered internet is beyond me.

It's a good thing for you that most people do. Those ads you're avoiding fund most of the content you consume. You can only freeride as long as enough others are paying the toll to subsidize you. I do the same, but I won't be surprised or angry if it becomes impossible.

Comment Re:Ah... (Score 1) 28

You really think that not a single other person/company could think "hey what if we played this video over the internet instead of using physical media?"

Obviously many others had thought of it. Hastings' brilliant idea was to pivot from what was working (DVD rental by mail -- which itself was pretty innovative) to streaming while the DVD business was still good. That seems like a blindingly obvious move in hindsight but it's actually really hard when you're in the thick of running a successful business to step back and think "We need to completely change our business strategy, even though it's working well".

As geekmux mentioned, Blockbuster was incredibly well-positioned to do both of the things that Netflix did, first to pivot from brick-and-mortar DVD rental to rental by mail (possibly exploiting their broad physical store base) and then to streaming. They had deep relationships with every player in the content industry, large and small, they had near-universal name recognition and positive perceptions in retail video distribution. But they did neither, they just kept running their business until their market disappeared. That's what usually happens, and it's not because the CEOs are stupid, it's because it actually takes someone with both vision and guts to see and act on broad market changes before they happen.

Comment Re:Magas (Score 1) 94

The orange turd is telling people gas prices are not high. https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.cnbc.com%2Famp%2F2026%2F...

I mean holy shit we’re literally in a children’s fairytale. The emperor has no clothes.

Can any MAGA comment on what it feels like to fill your 30 gallon truck tank with $6 a gallon diesel?

Comment Re:Why? (Score 2) 294

You can flip the topsoil from one end of the country to the other. Nothing left but desert.

You really can't. Not with conventional weapons. Not even with nukes, really, though with nukes you could kill pretty much everyone in the population centers. Is that what you're proposing?

Comment Re:Bridge for sale (Score 5, Insightful) 109

Looks like I spoke too soon. The specification massively contradicts itself. 3.4.2 requires reissuance every three months, and requires that it issue 30 attestations at a time, and that they be single-use.

That part is architecturally correct, though allowing access to only 30 adult sites per three months is dubious.

Those are minimums, not maximums. Devices should request new certs when they get low. Also, the three-month period is driven by expiration times. It sounds like the EU has decided they want to enforce a maximum expiration time of three months, though I think most countries I've talked to were planning monthly expirations.

And, BTW, this structure is inherited from the ISO 18013-5 security design, which I created (others contributed refinements, and the data minimization scheme was inherited from other systems, but the core design was mine). So... I know a little something about it :-)

And if getting a new proof requires a new request at some point, then it becomes possible for the trusted list provider, conspiring with the proof of attestation provider, to cross-correlate the timing of requests and unmask a user with high probability.

If the issuer will collude with the verifier, they can easily and fully unmask the user's identity, because the issuer knows all of the public keys they issued, and to whom. This is a known issue, something we considered for 18013-5 and decided had to be accepted for now. There is cryptography that can solve this problem, but at least back in ~2020 when the design was finalized (a) a lot of it was still too novel and (b) wasn't supported in common hardware. I don't think either of those things have changed, and there's a further complication that there aren't any PQC algorithms with the necessary capabilities, though the existing design can be trivially updated with PQC key agreement and signature algorithms.

So you still have a value that is potentially usable for tracking across multiple websites. It's just a timestamp. I'm not sure if I'm reading what they're saying correctly. If they mean all 30 in a batch have the same value, this is a disaster.

It's really not, because they also have the same value as thousands of others that were issued with the same timestamp. Granted that if the request (as identified by IP) is from a region with low population it will sometimes, maybe, be possible to weakly conclude that two proofs by users with same timestamp might be the same person. But this would be a very weak signal and it still doesn't tell you anything about who that person is. The IP address is a far stronger signal.

It lacks a section on threat models and how it addresses those threats, which is the first thing I'd expect to see.

At this point, I have no idea whether this protects privacy or not. And that's perhaps more disturbing.

At least for 18013-5 there is a detailed threat model, but it's not in the standard because we were told that standards are supposed to say "what", not get bogged down in "why". I'm not sure if the model is published anywhere.
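The linkability argument in the comment above, modelled as an added Python example that is not part of the original comment or of any specification: it shows what colluding verifiers can and cannot join on, and what changes once the issuer shares its records. The names `Issuer`, `Wallet`, `key_id` and `issued_at` are assumptions, the random `key_id` stands in for the per-attestation public key, and no real signatures are involved.

```python
import hashlib
import secrets
from collections import Counter

BATCH_MIN = 30  # minimum batch size the comment quotes from section 3.4.2


class Issuer:
    """Toy issuer handing out batches of single-use attestations."""

    def __init__(self):
        self.issued = {}  # key_id -> holder: the record that enables unmasking

    def issue_batch(self, holder, issued_at, n=BATCH_MIN):
        batch = []
        for _ in range(n):
            # Stand-in for a fresh public key bound into each attestation.
            key_id = hashlib.sha256(secrets.token_bytes(32)).hexdigest()
            self.issued[key_id] = holder
            batch.append({"key_id": key_id, "issued_at": issued_at})
        return batch


class Wallet:
    def __init__(self, holder, issuer, issued_at):
        self.holder, self.issuer, self.issued_at = holder, issuer, issued_at
        self.unused = issuer.issue_batch(holder, issued_at)

    def present(self):
        # Single use: refill when the batch runs out, never show one twice.
        if not self.unused:
            self.unused = self.issuer.issue_batch(self.holder, self.issued_at)
        return self.unused.pop()


def verifiers_link(log_a, log_b):
    """Key ids that two colluding verifiers could join their logs on."""
    return {p["key_id"] for p in log_a} & {p["key_id"] for p in log_b}


def issuer_unmask(issuer, log):
    """Holders revealed when the issuer shares its records with a verifier."""
    return [issuer.issued[p["key_id"]] for p in log]


def timestamp_anonymity(log):
    """Number of presentations sharing each issuance timestamp."""
    return Counter(p["issued_at"] for p in log)
```
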

Comment Re:An unintended side effect.. (Score 1) 71

..of the shortage of IPV4 addresses and NAT is that IOT devices need to connect to servers, often with subscriptions, for remote access. I should be able to connect directly with my IOT devices using IPV6 and the devices should be secure enough to exist on the public internet.

Or not. You can still have a stateful firewall with IPv6, and it will provide exactly as much security as a NAT device. There's no reason to require that all of your devices be able to exist on the public Internet, which is actually a pretty tall order -- especially for IoT devices that tend not to get updated as much as they should.

Comment Re:Why? (Score 0) 294

Why are we allowing a shit stain government like that controlling Iran right now be any kind of threat to international shipping? We SHOULD be able to put enough steel down in the area to make any attempt to control traffic by Iran impossible.

Doesn't work that way. There are limits to what can be achieved with air power, and we've reached them, and they're not enough to deter Iran. Said a different way: Iran has won Trump's war... unless and until he's willing to put lots of boots on the ground. And doing that would mean thousands of American soldiers will die.

Everyone with a clue knew this was the outcome of an attack on Iran. That's why previous presidents didn't do it, and why Obama negotiated the "terrible" JCPOA (which, actually, was quite good considering Iran's position). But the dumbass we have in the White House now was too stupid to listen to the advisors who told him that. Much like Putin thought with Ukraine, Trump thought it'd last a few days and he'd win.

At this point, Donnie has two choices: Invade Iran with a few hundred thousand troops, or cave and give Iran the concessions they're asking for. Well, three, I guess. He could continue blockading Iran until the world gets desperate and joins the war -- on Iran's side. Because Iran's not going to blink. They have no reason to.
