b2b and audited security standards are a whole different thing - you deal with finance and health you’ve gotta prove to a 3rd party over and over that you have controls and technology in place to make sure you aren’t lying
this isn’t consumer BS
and you know the security standards that are achievable on google cloud entirely negate your point right? their cloud offering is a totally different beast
there is an argument that prioritising traffic would be a good thing - pay more for high priority video calls etc, or pay less for things you don’t care about like bulk download
… but we can’t trust ISPs to wield these powers responsibly and in ways that’s good for consumers
the up side of flip flopping is that it still results in some amount of effective net neutrality… in order to develop products and build customers for them, ISPs need to actually be sure they’re going to be able to continue to offer them… industries aren’t going to rely on fast lanes, etc until they’re pretty sure they aren’t going to go away
personally, i can’t stand either fluent or material either - the modern components and design language i keep coming back to is ant.design
anything skeuomorphic is just a huge waste of space - they add so much detail to the screen that has no function other than signaling “real world” application
he also hated non-skeuomorphic design, and yet here we are for the better in a world where we’ve moved on from that dated concept
just because he didn’t like something doesn’t make it wrong for apple to pursue
i’d say that it’s a security vulnerability, but breach implies it’s been used
i don’t think you understand how IT works… there will always be vulnerabilities… even the NSA probably has vulnerabilities… when found, these vulnerabilities need to be patched. i’m sure they’ll get their devices back; they just need to implement a fix
none of this is perfect, but shit happens and all we can aim to do is minimise the damage when it does happen
that’s not an alternative. i agree that’d be preferable, but given where the situation stands, what’s the concrete action to take to remedy the situation?
and the alternative is…?
or, continue making coffee while asking it to remind you to buy milk instead of either stopping to tap or completely forgetting which are the only possible outcomes
then he’d have at least 1 kid that doesn’t hate him
oh yup that’s a very fair point then! you certainly wouldn’t use it for security in that case, however there are a lot of ways to implement this that don’t rely on the security of the hash function, but just uses it (for example) to point to somewhere in a trusted source to manually validate that they’re the same
we already have the trust frameworks; that’s unnecessary… we just need to automatically validate (or at least provide automatic verifyability) that a video posted on some 3rd party - probably friendly or at least cooperative - platform represents reality
from the comment above, it seems like it took a week for a single image/frame though… it’s possible sure but so is a collision in a regular hash function… at some point it just becomes too expensive to be worth it, AND the phash here isn’t being used as security because the security is that the original was posted on some source of truth site (eg the whitehouse)
certainly record to flash, but you need to have notifications when the camera can’t be contacted/when storage would be theoretically getting full
that does open you up a little though: recording on device means the attacker can just destroy/steal the camera which is pretty easy because they, by definition pretty much, are in a place that’s trivial for an attacker to access
there are some things about america that i will just never understand
you can definitely produced perceptual hashes that collide, but really you’re not just talking about a collision, you’re talking about a collision that’s also useful in subverting an election, AND that’s been generated using ML which is something that’s still kinda shakey to start with
not really… signing is only possible on exact copies (like byte exact; not even “the same image” but the same image, formatted the same, without being resized, etc)… there are things called perceptual hashes, and ways of checking if images are similar, but cryptography wouldn’t really help there
you don’t even need to cryptographically verify in that case because you already have a trusted authority: the whitehouse… of the video is on the whitehouse website, it’s trusted with no cryptography needed
the technical solutions only come into play when you’re trying to modify the video and still accurately show that it’s sourced from something verifiable
heck you could even have a standard where if a video adds a signature to itself, editing software will add the signature of the original, a canonical immutable link to the file, and timestamps for any cuts to the video… that way you (and by you i mean anyone; likely hidden from the user) can load up a video and be able to link to the canonical version to verify
in this case, verification using ML would actually be much easier because you (servers) just download the canonical video, cut it as per the metadata, and compare what’s there to what’s in the current video
it does say it has a built-in serial console and raspberry pi