TaviRider 3w ago • 100%
Also delete your expired certificate if you have one (for example after a year)
This is likely a bad mistake. Keep the old cert around.
There’s two possibilities:
The first possibility is that Actalis uses the same key pair for the new cert. This is not a great approach because it doesn’t defend against a leaked key or key overuse. After all, if the key can be trusted longer than a year, the first cert they issued should be valid for longer.
The second, and much worse possibility, is that renewing the cert gets a different private key. This can case data loss. Deleting the old identity means you lose the ability to decrypt any messages that were encrypted using that key! Even if your mail client stores the previously encrypted emails in decrypted form, you may receive a new email from a sender who does not yet have your new cert.
TaviRider 3w ago • 100%
Actalis sends you your private key. This means they have access to your private key, and theoretically could use it to sign and decrypt your emails. A more secure but somewhat more complex system would use a certificate signing request (CSR) instead. In that case, you are the only person who ever has your private key, so only you can sign or decrypt your email.
TaviRider 4w ago • 100%
Releasing the app on the same day to the Apple App Store and Apple Arcade is a nice win for Apple Arcade.
TaviRider 1mo ago • 100%
Solve for 1:
1 = kn - sin x
TaviRider 1mo ago • 100%
An old favorite of mine is Harvest: Massive Encounter. Expand, harvest, defend, optimize, and eventually get wiped out.
TaviRider 2mo ago • 100%
Mister Softee is headquartered in Runnymede, NJ so the east coast association makes sense. It’s a franchisor so there’s trucks in 18 states.
The Wikipedia article about them says the song is titled “Jingle and Chimes”, and it’s based on “The Whistler and his Dog”. There’s lyrics too!
TaviRider 2mo ago • 100%
Apparently it was adapted to “Did you ever see a lassie?” which has much brighter and simpler lyrics than the original, which is very dark.
TaviRider 2mo ago • 100%
It reminds me of O Du Lieber Augustin. And it took me a really long time to figure out that title… I thought it was some well-known nursery rhyme melody, but it’s a 224 year old Viennese tune.
TaviRider 2mo ago • 100%
Yeah, Mr. Softee in San Francisco uses the same music. I don’t recognize it from anywhere else. It sounds like a music box, especially because many of the notes don’t hit the beats.
TaviRider 2mo ago • 100%
In America there’s a concerted effort to destroy public education. That means there are insane policies like this one: Some public schools lose a bit of funding each time a student doesn’t show up. Doesn’t matter that the school’s expenses stayed the same. It’s not like they could tell a teacher to go home 15 minutes early and reduce their pay accordingly, which would be awful for the teachers anyway. So schools are extremely motivated to keep kids in the school.
TaviRider 3mo ago • 100%
Yes, device management systems can push apps directly to devices, but the devices have to be managed first. So I think it probably is about the lack of Google Play.
One of the hardest parts of managing devices is getting them enrolled in device management in the first place. Microsoft uses the Microsoft Authenticator app to authenticate users as part of the enrollment process, so they know which employee is using the device and how to configure it. They need a reliable app store to distribute that app, and they need to do it before the device is managed. So usually they rely on Google Play.
TaviRider 4mo ago • 100%
It tells when the user is online. This is useful for sending spam, because being on top of the inbox makes it more likely your message will be read.
To be fair, I doubt anyone’s implemented this specifically for ICMP. Instead I’d expect tracking that watches for any IP traffic whatsoever, and that happens to include ICMP.
TaviRider 4mo ago • 100%
ICMP reveals your IP address, which is easily correlated with other traffic…
TaviRider 4mo ago • 92%
Ahh, “Weev” is a four-letter version of “Weave” the same way “Chex” is a shortened “Checkerboard”, perhaps referring to the Ralston Purina checkerboard logo.
TaviRider 4mo ago • 100%
But what’s Weev?
TaviRider 4mo ago • 100%
And IntelliSync, so you could have the same contacts in your PC and your Palm Pilot.
TaviRider 5mo ago • 100%
I still wouldn’t trust it because of homograph attacks.
TaviRider 6mo ago • 100%
There’s a fatal flaw in the premise. It is impossible to fasten something to a cat.
TaviRider 6mo ago • 100%
Yeah. The huge legal distinctions between different ways of unlocking a device seem absurd. Comprehensive privacy legislation would help.
TaviRider 6mo ago • 98%
Authorities with a warrant can drill into a safe to get to its contents. That’s legally distinct from forcing someone to unlock the safe by entering the combination. It takes some mental effort to enter a combination, so it counts as “testimony”, and in the USA people can’t be forced to testify against themselves.
The parallel in US law is that people can be forced to unlock a phone using biometrics, but they can’t be forced to unlock a phone by entering a passcode. The absurd part here is that the actions have the same effect, but one of them can be compelled and the other cannot.
The legal situation is more complex and nuanced than the headline implies, so the article is worth reading. This adds another ruling to the confusing case history regarding forced biometric unlocking.