I will say, I have never before this season seen so many seemingly-legit fake web stores. All with their little lock icons in the address bar. I assume LLMs helped kick it into overdrive too.
Conflating transport-layer encryption with authenticity is the problem. The former should always be standard, the latter is unrelated and IMO needs a different mechanism.
Absent widespread adoption of DNSSEC, which has just not happened at all, I don't see any alternative.
The authentication must be done before the encryption parameters are negotiated, in order to protect against man-in-the-middle attacks. There must be some continuity between the two as well, since the authenticated party (both parties can be authenticated, but only one has to be) must digitally sign its parameters.
Any competing authentication scheme would therefore have to operate at a lower layer with even more fundamental infrastructure, and the only thing we've really got that fits the bill is DNS.
This applies to grandparent too (for the record I largely agree with them) but the issue isn't just "authenticity" but "identification" -- there's no real attestation about who is on the other end of the site. This identity was once at least somewhat part of the certificate itself.
Yes, it is fair to say that domain names are not the sum total of identity. However, the EV certificate experience showed that, at least in terms of WebPKI and the open Internet, there really isn't anything better than domains yet.
We have clear and seemingly easy go-to examples like proving that yes, this is THE Microsoft, and not a shady fly-by-night spoof in a non-extradition territory, but apart from the headline companies--who as of late seem to like changing their names anyway--this actually isn't easy at all.
Walled gardens like app stores have different trade-offs, admittedly.
Graphene OS provides advanced security capabilities and a thorough defense-in-depth approach including a hardened supply chain. GOS aims to provide mechanisms to protect against 0day attacks. For example, Cellebrite cannot open up GOS. GOS relies on hardware support provided by Pixels. Graphene OS works on getting their developments upstream.
Minecraft modding has done so much to get young people into CS. I started learning Java when I was 10 because I wanted to do modding. At university, I met so many people who had the same experience.
The tooling developed for Minecraft modding is world-class and better than what is developed during PhDs. It's very advanced, and people internalized the JVM and Java spec. One problem, though, is that Mojang's updates often change much of the foundation, and upgrading mods is very time-intensive. Mojang announced in 2012 that an official modding API is in the works. This is another step.
The best teams from Google CTF were invited to compete in Hackceler8, a combination of speedrunning and CTF, this year on a SEGA Genesis. Today are the finals, which are streamed and commented on YouTube. See this teaser [0]
Android is not just Android. The device vendors have to customize it to fit their devices by including drivers for example. Device vendors have the option to change the look pretty heavily, Samsung TouchWiz was infamous, Chinese vendors also offer very customized versions, including making it look like iOS.
What you are seeing is Material Design 3 "expressive" which will be rolled out in the next minor Android version and Google apps.
I like the spirit of this comment (pointing out that it's OSS). I don't even disagree with discouraging people from asking questions that have readily searchable answers they'd be well served to direct themselves to.
But I think it can be assumed that someone asking such a question is highly unlikely to be a world-class security researcher equipped to answer it for themselves by auditing the source code, so your response comes across as snarky for the sake of snark.
Karlsruhe: The local operators have severe quality issues, in part due to this concept. There are like four points in the city where issues impact the whole network. The rolling stock is very bad compared to the other regional trains running in Baden-Württemberg (no/bad ac, flaky internet, no sockets, bad seating). The trains have way too little capacity, I’ve seen incidents, where they run three coaches (which they don’t do often, they are too long to enter the city), where people could not get in anymore. Some of the stations in the surrounding area are absolutely mental (Durmersheim for example), you have to walk over rails where ICEs and cargo goes through. Some trains are split or merged when leaving or entering the city, but it always causes delays. When trains can’t use the heavy metal rails and thus not leave the city due to ICEs getting priority, a lot of inner city traffic can be affected. The cooperation between the different infrastructure operators is also a source of problems.
Do not take Karlsruhe uncritically as an example where this model works well, yeah sure average numbers make it look good, but the reliability is complete ass. KVV always manages to surprise me on how bad it gets.
Do not forget the number of accidents with cars as the tram trains mingle with car traffic in the more remote villages. Sure, technically the tracks are separated from streets, but every so often cars cross anyways or park etc. Those delays propagate to inner-city schedules.
> Sure, technically the tracks are separated from streets, but every so often cars cross anyways or park etc. Those delays propagate to inner-city schedules.
I don't follow your point. It's not like the inner-city tram lines are all perfectly segregated from road traffic and no accidents ever natively happen inside the city limits.
> Some of the stations in the surrounding area are absolutely mental (Durmersheim for example), you have to walk over rails where ICEs and cargo goes through.
That's not the fault of the tram-train system, though - without the tram-trains, you'd still have the same platform access situation if you wanted to take the heavy rail regional train instead.
Just a small hardware project: I am building a cocktail mixer in an old PC case. I saw something similar at a con over Easter and had to build one myself; it had a tap coming out of the 3.5" bay and the ingredients were inside the PC case.
It uses peristaltic pumps to move the different ingredients to the cup. It is very simple, but still took a couple of days to complete.
In detail it consists of 6 x peristaltic pumps, 3 x L298N motor driver, 3 x PCF8574 I/O expander and an ESP32.
The software for the ESP32 is very dumb and I actually coded it correctly before I had all the parts; it just enables and sets the speed for the motors and is attached via USB to a laptop. There, a web app is used to manage ingredients and recipes.