why bother to respond to the comment if all you have to say is “all is lost”?
kitonthenet
- 0 Posts
- 49 Comments
Joined 1 year ago
Cake day: June 8th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
then give up and go away, or watch the video and reflect on your comment
then why are you even here?
We can get it back, and the antitrust trials are a big part of actually doing it
115·1 year agoSays who buddy Bidens ass is getting reamed on this one
Actually it’s the nebraska virus
117·1 year agoOk, so I can come change your locks then
To exfiltrate the login password from a keylogger on a macbook, for example, you need to have some software running on the cpu as well as the keyboard itself. This makes it very difficult to do in reality, as you have to infect both devices and if you do not have physical access, your exploit needs to be done across the keyboard interface, which makes it very hard to do in practice. Swapping any random keyboard in that could potentially be malicious introduces two issues, as now the keyboard itself may have a keylogger, as well as opening the possibility of exploiting some vulnerability in the cpu from the keyboard itself. You therefore open two attack surfaces that were previously closed, which is highly significant.
people have different levels of risk acceptance and that’s ok
Except it is the editorial agenda of ifixit to promote legislation that requires this lesser level of security, which makes it not ok. Outlawing verification in software requires all devices to have the same vulnerability at the interface, it would even affect users who want to buy OEM.
I’m not saying it has to be absurd, but no one is acknowledging that the security risks are real, and requiring a lesser standard of security is a cost of legislating this stuff, which it is the editorial stance of ifixit to support
It absolutely could, if the processor trusts that the data coming from the faceid sensor is accurate, the faceid sensor can simply lie. You’re removing a layer of defense, which necessarily impacts security
So then you’ll let me change the locks on your front door to one I choose?
No, give me the argument that you can secure these interfaces, some of which provide biometric security, without verifying vendor origin in software
often are genuine, but Apple makes features not work unless paired
Because unless you pair the screen, the device has no way to know it’s genuine. If it’s not, it could implement any number of attacks, including keyloggers, screen stealers, etc
don’t believe
Why shouldn’t I? No one has given an argument that you can actually secure these peripherals without software locks, I bought my iPhone and MacBook because they offer security, even when I run Linux on it my MacBook has far superior boot security (the only thing apple has engineering control over in that use case) than any intel machines I’ve used
Also lol that article, you know the difference between one incident and a pervasive effort to mine your privacy for profit
Mfs out here want to install their bootleg faceid in my phone at their sketchy self repair place so they can sell my data and break its security. Let’s not pretend ifixit isn’t the exact same rent seeking that apple is, they just want to be the middle man
US also has to import transphobia and wrecking its economy for freedum
I agree, I think we should make both our countries worse instead
Belongs in ich_iel.
Energiewende is an absolute catastrophe
Nothing about what you wrote was a discussion, you stated for a fact that we would not do anything about it