A "Windows Subsystem" is a concept that dates back to the original Windows NT line of operating systems. Historically, there've been a number of supported "Windows Subsystems", essentially APIs for the kernel. In Windows NT 3.1, there were multiple subsystems: Win32, POSIX, and OS/2, plus a separate one specifically for security.
While WSL2 isn't implemented as an architectural sub-system (it uses a VM instead), WSL1 was far closer to the original architecture, providing a Linux compatible API for the Windows kernel.
Your bank/credit/debit/etc. card is a “physical token with a crypto key that is protected by a password and tied to one's bank account”. FIDO and EMV even both use the same underlying ISO/IEC 7816 and 14443 protocols for communications.
Ah! I forgot about my debit card. I only use it ~once per month. Yeah, we'd need an additional piece of hardware to be able to connect it to our computers but that also could enable doing chip-based transactions over the internet so I think it would absolutely be worth it.
As somewhat of an aside, this development doesn't necessarily mean much in the way of changes to the way the program is currently run. The foundation can act as a conduit/collection point for funding from industry, with the program remaining run under a contract with MITRE.
People have really bad memories of Mini- and Micro-USB, or aren't old enough to have experienced that era. Those things were fragile. At that point in time, it made all the technical and business sense in the world to replace their existing proprietary connector with a new, improved proprietary connector. The MFi program was a thing before Lightning, it's still a thing today, and has nothing to do with the specific connector.
Yeah, I'm going to have to spend some time trying to understand the math too. I was mostly waiting for things to calm down standardization wise. This newly selected algorithm is based on error correction codes (the same ones used in communications protocols), which look interesting.
Given how seriously the spookie parts of the US government are taking it, I would treat it with a similar level of urgency. While we obviously aren't privy to everything they know, their public actions indicate that they don't think it's a hypothetical risk, and is something that we will need to be ready for within the next decade or so, given technology refresh cycles: they need to get these crypto algorithms in place now, for devices that will still be in production use well in to the 2030s.
There's also a good chance that the initial compromises of the classical algorithms won't be made public, at least initially. There are multiple nation-state actors working on the problem in secret, in addition to the academic and commercial entities working on it more publicly.
Well, that depends on whether or not you care about "store now, decrypt later". Will the info you're sending now be totally uninteresting in 5 years? Great, you're probably good. Do you still want it to be secret in 20 years? Implementing post-quantum cryptography might be urgent.
given how sticky crypto algorithms are, transitioning early is a really good idea. git is still stuck with SHA1, and there's plenty of triple DES hiding in the boring types of critical infrastructure that no one can update.
Yes, but you generally can't affect the rights of a third party through litigation, unless it involves the third party.
You can't really end run around this by doing it in the other direction, because it has the same effect - even though they could not hold apple in contempt, they could hold google, which has the same effect.
Again, it's gotten looser more recently, but forever, this was not okay, and the underlying precedent has not actually changed. Everyone does expect SCOTUS to make a statement case in the next few years about this.
In any case -
Imagine i ordered you not to have contact with your best friend, without them desiring this.
An argument that i've only enjoined you falls flat - at best, i've had serious affect on their constitutional right to free association, etc.
Saying "yeah but only you will get held in contempt" doesn't really work.
reply