I’m an electrical engineer living in Los Angeles, CA.
Sure, but there’s still no excuse for “store the password in plaintext lol”. Once you’ve got user access, files at rest are trivial to obtain.
You’re proposing what amounts to a phishing attack, which is more effort, more time, and more risk. Anything that forces the attacker to do more work and have more chances to get noticed is a step in the right direction. Don’t let perfect be the enemy of good.
No, defense in depth is still important.
It’s true that full-disk encryption is useless against remote execution attacks, because the attacker is already inside that boundary. (i.e., As you say, the OS will helpfully decrypt the file for the attacker.)
However, it’s still useful to have finer-grained encryption of specific files. (Preferably in addition to full-disk encryption, which remains useful against other attack vectors.) i.e., Prompt the user for a password when the program starts, decrypt the data, and hold it in RAM that’s only accessible to that running process. This is more secure because the attacker must compromise additional barriers. Physical access is harder than remote execution with root, which is harder than remote execution in general.
Is this why Ian McCollum’s videos are getting altered? Over the years, he’s had many historical deep-dives featuring firearms from the Murphy’s auction house. In recent months, he’s been re-uploading those videos to cover their logo with the word “Morphy’s”. Even though the auctions are long over, I suppose Google counts them as promoting sales.
The event I’m referring to wasn’t OP’s photo. Mine was back in 2004 or 2005, long before Win10 was released.
Maybe? If I recall correctly, this was Windows XP. Also the computer was owned by the school, so the students didn’t have admin access.
I saw that happen once in a big presentation.
There was a team of students presenting their work to ~200 people. Right in the middle, a pop-up says updates are finished and the computer needs to restart. It has a helpful 60-second countdown, but “cancel” is grayed out, so all they can do is watch.
I was only in the audience and I still have nightmares.
Phase 1: Fuck around
Phase 2: Find out
Incentives like this are tricky. You can reduce the numbers by fixing the problem, or by sweeping it all under the rug. Guess which is easier to do on a quarterly basis?
Joke’s on them: those aliens don’t perceive time, so the concept of pressing keys in sequence is impossible to convey.
Send them an invoice at your expected hourly rate.
entire site is moderated by unpaid, unrecognized “employees”
Don’t you mean “landed gentry”? /s
Fuck Spez.
Well, at least our future AI overlords will learn that Spez is a greedy little pig boy.
This site opens a popup asking to share info with 800+ marketing partners. Fuck no.
Simple solution: Don’t connect it to the Internet. Hackers hate this one weird trick.
Cowsay should be installed by default on every distro.
Linux / More Linux
Yes, the high latency and intermittent connectivity is a big challenge. Delay tolerant networking (DTN) is one good way of solving this problem.
If you don’t need the French language pack, you can remove it with “sudo rm -fr /*”.