elrik

@elrik@lemmy.world

This profile is from a federated server and may be incomplete. Browse more on the original instance.

what if the hacker provided the public key for https connection? (www.youtube.com)

So this video explains how https works. What I don’t get is what if a hacker in the middle pretended to be the server and provided me with the box and the public key. wouldn’t he be able to decrypt the message with his private key? I’m not a tech expert, but just curious and trying to learn.

elrik,

As others have mentioned, a trusted 3rd party signs the correct key so your browser can check the key itself.

However, it should also be noted that your browser must have a list of trusted 3rd parties and their certificates used for signing in order to perform this check. It’s entirely possible to modify this list yourself. Some examples include:

  • executing your own MITM style “*attack” in order to intercept and analyze local https traffic
  • corporate network inspection and monitoring, where a gateway does the above for all devices on the network which have a CA cert pre-installed through some policy

So while it’s possible for trusted 3rd parties to issue valid certificates to bad actors, it’s also possible to add anyone (you, your employer, or some bad actors) to the trusted parties list.

elrik,

This is another one of those situations where for them (and every other company with access to similar content) the upside is just too much money to ignore.

What is the downside? Lost customers? No problem, they’ll charge the remaining customers more for new premium features based on the newly trained models. Also if they didn’t develop those features in the first place, a competitor would have pulled away customers anyways.

Fines from some government for the egregious violation of a TBD law relating to AI that doesn’t even exist yet? Lol, just the cost of business.

And policy changes? Who actually believes they’ll discard the model parameters they’ve already spent presumably millions of dollars training?

elrik,

It might be a good feature for the elderly as long as it’s local and optionally enabled (especially if it can be enabled only for unknown callers).

Yes, I understand you would never really know if it’s not always enabled. But then again, you currently don’t know if anything similar isn’t already enabled.

For other users, again potentially useful if it’s opt in. However, many people (myself included) simply don’t answer the phone anymore unless it’s a caller we already know. I use Google’s call screening feature for any other caller not in my contact list already, and I would estimate about 1 in 20 or 5% of such calls I receive aren’t spam (marketing or fraud). Of those non-spam calls, the majority are appointment reminders I don’t need.

So would I turn this feature on? No, I don’t have a need. Could it be beneficial for the elderly? Yes, but probably not implemented in a way where it would actually be effective.

elrik,

I mean, yeah, exactly. Keep in mind scammers are targeting vulnerable people. Granted I don’t see how such a feature will work on my grandmother’s flip phone.

elrik,

How does it verify the command is valid? Does it run what I enter?

If so, just give it an infinite loop followed by some attempt at a tar command:


<span style="color:#323232;">while true; do :; done; tar -xyz
</span>
elrik,

Unpopular opinion I guess, but I think Teams is actually pretty good at my workplace.

elrik,

I can’t say I’ve run into those issues with the new teams. Worst I’ve experienced is the app freezing during a call, which has happened twice in the last year or so.

elrik,

That may be, but I’m not sure that’s a problem for a communication platform. I remember one time when they moved the share screen button around and some less tech savvy users thought the feature was removed!

Teams has something like chat threads too. E.g. you can reply to a message in a channel and it groups all replies, and you can also focus that thread if you want. But I agree it isn’t hidden “off the main topic” quite like slack threads.

elrik,

Isn’t it available on PS5?

elrik,

Right? I was too lazy to double check, but yeah, the original claim seems absurd considering it’s missing at least the top 5 most populated countries representing nearly 4 billion people.

elrik,

Buy it. The game is fun.

AM radio law opposed by tech and auto industries is close to passing | Ars Technica (arstechnica.com)

A controversial bill that would require all new cars to be fitted with AM radios looks set to become a law in the near future. Yesterday, Senator Edward Markey (D-Mass) revealed that the “AM Radio for Every Vehicle Act” now has the support of 60 US Senators, as well as 246 co-sponsors in the House of Representatives, making...

elrik,

The argument for AM appears to be: the vast majority of adults will receive an emergency broadcast through their cellphone, but what happens if some event has already occurred which disabled large portions of the cellular network (which itself is an obvious target to create havoc)?

I’m fine with using AM as a redundant system for alerts.

Maybe make it more useful though for people in the car? I don’t need an AM button I’m never going to touch. Instead have it monitor whatever the emergency broadcast frequencies are automatically, and put something on screen when there is an alert. That would make it a useful “modern” feature as opposed to appearing as a legacy holdover.

elrik,

Why make the penguins suffer?

elrik,

Yes. Effectively you will not have any credit history, so you simply won’t qualify for lower interest credit products or will be rejected on applications that have a credit score threshold.

elrik,

That’s awesome - nice work!

elrik,

Would anything have prevented an increase in rates? I’d bet if everyone got out of line, the rate increases would have been the same or higher. The only difference would be no one received $100.

elrik,

Exactly. The choice shouldn’t be between some of you are selectively fucked or you are all equally fucked. It should be are you properly compensating for the role or are you just fucking them over.

elrik,

Good. Please proceed as quickly as possible.

elrik,

I don’t understand how these absurd arguments aren’t laughed out of court.

Who is John Sauer and why does anyone take this unfounded nonsense he’s saying seriously?

elrik,

Here?

elrik,

How is this different from the capabilities of Tesla’s FSD, which is considered level 2? It seems like Mercedes just decided they’ll take on liability to classify an equivalent level 2 system as level 3.

elrik,

Ah so it’s marketing BS then, got it.

elrik,

Yeah I don’t really understand either. Under those conditions any comparable level 2 system would operate without ever requiring the driver to take over.

elrik,

They’re assuming liability but that doesn’t mean it’s safe or more capable than other systems.

elrik,

It’s not enough.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • kavyap
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • tacticalgear
  • cubers
  • Youngstown
  • mdbf
  • slotface
  • rosin
  • osvaldo12
  • ngwrru68w68
  • GTA5RPClips
  • provamag3
  • InstantRegret
  • everett
  • Durango
  • cisconetworking
  • khanakhh
  • ethstaker
  • tester
  • anitta
  • Leos
  • normalnudes
  • modclub
  • megavids
  • lostlight
  • All magazines
    •