Actually, not just embedded systems. There's HSMs (hardware security modules) which also can't be updated to support new functions. Often this is because the underlying primitives have been implemented in fixed-function hardware to prevent timing, power and even RF analysis.
Another approach for verification is employed by Threema : The server verifies email addresses and phone numbers, so if the address or number is in your contacts you can have more confidence, represented by an orange dot next to the contact. If you verify the fingerprint by scanning QR codes, you get a green dot.
About fingerprints for the masses: I really like the visual fingerprints Peerio is using (basically bigger Github-style generated avatar icons).
I'm from there originally, and I agree, but the weather really is a problem. It's terrible. I live in Portland now, an area renowned for its gray rainy days and lack of sunlight. And yet, it has been 50º-60º and sunny for nearly a month now. Whenever I check Pittsburgh it's hovering around 0º. It's really a shame because I love Pittsburgh.
I was kind of looking for that too. Cost of living in this area is pretty low and the tech scene is growing. The only downside is you have to live in Pittsburgh and I actually like sunshine so I've been thinking of moving.
I live in Ohio but work in Squirrel Hill. The city has transformed over the years and is a really nice place. The only downside is the weather. This time of year it's easier to complain about weather but we literally get some of the lowest amount of direct sunlight in the country. We basically have 2 seasons: 4 months of summer, 8 months of winter/grey. Other than that the area is ok. Where I live it's pretty depressing old industry towns with nothing left, but like I said I don't live in Pittsburgh.
I guess I don't understand this comment. Someone wrote about it, so obviously they care. Moreover, firmware is normally considered safe, if it's not then that is a significant shift in paradigm for the security conscious.
And this matters because even if you uninstall the program, it leaves the certificate behind, right? So you have to manually remove the cert to shield yourself against future attacks, in addition to removing the program
Of course... It's just a certificate and proxy that comes by default with the OS as it comes from their factory. You can uninstall the certificate, reinstall Windows, install Linux, etc. and the problem will disappear.