> Next level of dystopia: cellular modems becoming so cheap that every TV, fridge and washing machine comes with one that connects it to the Internet whether you like it or not.
I also don't like this precedent, but I do still feel cars are quite different. You need a license to drive a car on public roads. The car needs lots of certifications. You need an insurance. You need to prominently display your (your car's) ID for all to see. If you make mistakes while operating a car, the police can stop you and the state can take away your right to drive a car.
This makes it all very different from a gadget you use for entertainment in your own home.
Over twenty years ago there came a mandate that all places with many people gathers (both residential and commercial housing) should have a EN 54‑21 compliant alarm transmitter to automatically notify authorities in case of a fire.
I'm afraid that we are crying wolf right now and are undermining our efforts to permanently shut down Chat Control and the likes when we complain about these efforts with a history of not being misused.
You can transmit arbitrary data in certain steps of the passport reading process. The possibility of disruption depends on whether the reading system has bugs exploitable by the incoming data.
I've seen crashes in PKCS#11 drivers when reading cards with malformed data. So, the possibility, in theory, is always there.
Reading story after story about big corporations abusing single/small group opensource developers, I think we need a license that, otherwise permissive, explicitly denies the use of the code for companies that took VC money or are worth a billion or more.
Absolutely not. Time Machine is just a SAMBA share with a nice UI on the client side. If the backup directory gets encrypted, all the versions of your files will also be encrypted.
My Time Machine server doesn’t run an Apple OS. Someone would have to compromise my laptop and then pivot to separately attack my NAS. A state level actor could probably do that. The people running spray-and-pray ransomware ops almost surely couldn’t, or at least wouldn’t bother.
According to Darknet Diaries there are gangs that focus on backup server first, because with backups in place ransomware is not as effective. There are examples of backup software companies being compromised to get to their clients.
This is for attacks against bug companies. But maybe it's just a matter of time before "ordinary" ransomware is updated with destroy-backups function.
The generated images look too flat and too sharp, giving an aged look. No one takes screenshots programmatically anymore. Consider revitalizing the output by adding RGB pixelation and a moire pattern filter to look like it was taken from a real monitor with a phone camera.
mitmproxy is a great tool, but it lacks upstream certificate lookup and attributes transfer to a generated host certificate. For example, Charles does that. Some applications perform attribute inspection to detect MITM proxies, namely Spotify. Are you planning to implement this feature? Or maybe you already did it in version 7?
mitmproxy does lookup the upstream certificate by default, but at the moment we only transfer common name, subject alternative names and (new) organization name. The good news is that with version 7 it's very easy to add more here, I'd be more than happy to accept contributions. :)
Good news indeed! I tried to contribute 1–2 years ago and quickly realized that such a feature would require a substantial rewrite after a quick code inspection.
That's already a reality with cars in Europe.