• 1 Post
  • 84 Comments
Joined 1Y ago
Cake day: Jun 20, 2023


Lame. 45 days? 10 days for DCV? How common are exploits involving old certificates anyway? And automated cert management is just another exploit target. Do they seriously think an attacker who pwns a server can’t keep the automatic renewals running?



32 level “PLC” cells, OMG. How about staying at levels with some durability.


Um lol no. It would have to be 3x the physical size of the original battery to have 3x the capacity. But if they made a new, thicker phone case to accommodate it, that could work and such things have been done a few times for other phones.


There is a famous Erik Naggum rant about XML at, no wait, I better not link it but you can find it with a search engine if you want, which means you don’t get to complain to me about it since you are the one who went looking for it. Very NSFW and VERY politically incorrect. Naggum died in 2009 but anyone who published a thing like that today would be raked over the coals.


I looked at the article and it turns out the phones are in humongous housings with cine lenses. So not shot with phones in the way it might sound. Citizenfour (2013 best documentary Oscar) was mostly shot with a Sony FS-100 camcorder (2K HD I’m pretty sure) that the filmmaker carried in her purse.


Is this a big deal? Tons of movies have been shot with consumer camcorders which are probably worse than a modern phone camera.



Nobody intentionally creates vulnerabilities, but more complicated software is more error prone and therefore more likely to be vulnerable. Fast release cycles also get in the way of good testing. The most complicated piece of software on most phones is the web browser, and its complexity is imposed by the web and its advertisements, rather than by what the user wants or needs.

IOS and Android face pretty much the same issues on the OS developer and phone manufacturer sides. Therefore, the IOS and Android worlds could both clean up their acts in about the same way if the incentives were right. That they don’t do so might be a bad situation that we have to cope with, but we shouldn’t pretend that it is a good situation.

I wonder what apps require IOS 16 in some meaningful way. I know there is a situation with Android apps requiring OS upgrades unnecessarily.

Why do companies like McDonalds want you to run an app anyway, instead of e.g. using a web page? There are a few sites or products where I currently give up the equivalent of a french-fry discount rather than run their stupid app. It’s just a minor annoyance so far, but it doesn’t make sense to me. Do those apps usually keep running in the background so they can track you, or what?


Those security vulnerabilities are because of buggy old software, and updating the software in the old devices does as good a job of fixing the vulnerabilities as selling you a new device does. A significant e-waste tax on every new device, accompanied by credits for keeping old devices working, might help with that. Anyway, if it’s an app (rather than OS) vulnerability and you can’t fix it with an update because the new version of the app requires a new OS, that’s most likely an app that you don’t need to use. I’m getting by ok with F-droid apps instead of Play Store apps, for example.

Best still would be to debug the software before shipping it, so it wouldn’t have those vulnerabilities in the first place. There are various forces that get in the way of that, but a significant one is that web development is now driven by delivering more advertising rather than useful information to the user.


The laptop (Thinkpad X220) that I’m using is much older than the iphone 7 and it runs current Debian just fine. Lots of people are running current LineageOS on similarly old Android phones. Why can’t the phone vendors do the same? Planned obsolescence doesn’t change by wrapping it with nice marketing words.

I have figured that if I needed to get an iphone for some reason, it would be a 6+, since that is the last version with a headphone jack (similarly for Pixels, it would be a 4A). But I guess that strategy won’t work any more.

https://kevinboone.me/headphonejack.html




Maybe you’re right about Gelsinger. I’ve seen him spew BS but figured he does it because he has to, that Intel has been fundamentally broken for decades, and that he was as good a CEO choice as they could have made.


What protocol war and who cares about it, without asking me to watch a video? I have felt that the main conflict in the fediverse was human disagreement over who should be allowed to discuss what, not about protocols. Look at the current battle about vegan cat food, for example.


NVIDIA’s DRIVE Orin System-on-a-Chip (Soc) is currently a major player in the increasingly vibrant Chinese auto market, enabling a host of OEMs to deploy tailored Advanced Driver Assistance Systems (ADASs) for smart mobility.

In case you wondered what ADAS was.


Why is this interesting? Based on first paragraph it looks like influencer marketing of some sort.


Idk about took off but it was a successful product by reasonable standards. I have a few of them and chose it for a product that ended up going nowhere. That was partly because of hardware add-ons available for the pico but not for comparable boards. The existence of that 3rd party hardware ecosystem itself shows that the pico did ok.


I would say the documentation is more thorough, and at least for the non-wireless versions, there are no mysterious code blobs. The source code to everything including the ROM boot loader is online. The Pico boards also have a nice voltage regulation system so you can run them on a wide range of supply voltages.


Yes, way too underpowered. This is for controlling your 3D printer or stuff like that.


It was $5 but was limited to one per customer (in practice, one per order) at the usual vendors, and became very scarce at the time other pi models did. The wireless version was $10. They later eliminated the non-wireless version, bumped the wireless version to $15, and introduced a new fancier model (Pi Zero 2) that is also $15.


That’s more like an old school raspberry pi (runs Linux etc), not like a Pico. I didn’t know about that specific version but variants of the Beagleboard and Beaglebone have been around forever (longer than the raspberry pi). They are better than the rpi in some ways, and at least some of them are more open, but Rpi knocked the rug out from under them in cost and performance. I wouldn’t be so sure of the security of the wireless Pico either.


It might just become unobtanium like the pi zero was til they jacked up the price and dropped the no wifi version.

Added: it still has to compete with the ESP32 so maybe there isn’t that much price headroom, and maybe the ESP32 is why they had to refresh the Pico in the first place.


Raspberry Pi Pico 2, our new $5 microcontroller board, on sale now
Basically more everything. 2x Cortex M33 cores with floating point, 520KB ram, more PIOs, bunch of secure boot stuff (I have mixed feelings about this), and can boot to a mode with risc-v cores instead of the M33s.

They exist. I use several. Lowendspirit.com (about cheap vps for self hosting) is one. I’m not active there right now but have been at various times.


700MB archive and no mention of source code, I mean couldn’t someone implement the command set as an emacs mode?


Chapter from “Security Engineering” (2nd ed) about physical tamper resistance:

https://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c16.pdf

It’s been ages since I read it so idr how much of it was at chip level. Really high end stuff has the secure chips in a tamper reactive enclosure so it’s difficult to get to them without first erasing the contents. The chapter discusses that ;).


Security chips like smart card processors have safeguards against this sort of attack, fwiw. Regular chips are likely more vulnerable.


The video is in English and it’s about how some cables support USB PD power negotiation better than others, it seems. I only watched a few moments.


Xfinity H&I network is down so I can’t watch Star Trek. I get an error msg connection failure. Other channels work though.


I just looked and the usual channels are still there. Apparently the ban is narrow and specific. Applies to videos with direct links to gun dealers and that type of thing.



Ticking time bomb! Think of the children!!! Law or no law, this will be abused if it can be. Having the law is still a good thing I guess.


How are they going to produce these patches if microsoft is no longer releasing them?





I’ve never heard of this guy but I’m not very attentive to streamer drama. Is this significant beyond there now being N+1 known bozos in the world instead of N?


Named after astronomer Vera C. Rubin (1928-2016), I guess.

https://en.wikipedia.org/wiki/Vera_Rubin

There is also an observatory under construction in Chile named after her.


Yeah I don’t see mention in the article of (so far) any observable reaction from the US pharma industry. It’s maybe reasonable as conjecture but not something we can claim as a fact.