Not really. To expect XML to magically ...
You've completely reversed his point, yes it was foolish for anyone to expect this from XML. That's what he said!
Another concept that's been a research project for a long time and has successfully succeeded in getting many research grants is Fully Homomorphic Encryption.
“The dream is that you type your ChatGPT prompt, encrypt it, send the encrypted message to ChatGPT, and then it can produce outputs for you without ever seeing what you are asking it,” says Henry Corrigan-Gibbs, the Douglas Ross Career Development Professor of Software Technology in the MIT Department of Electrical Engineering and Computer Science (EECS) and a co-author of a paper on this security scheme.
Think about that, it can answer your question without ever seeing the question! I'm betting that while they may achieve a literal success in some form of subset encryption break downs, it seems obvious to me that the same techniques of success will lend itself to infer the question even if a perfect bit-for-bit might not be possible, else how could it possibly work.
They’ve released the Proton Mail Bridge as open-source
They’ve released the Proton Mail Bridge as open-source, so I presume the decryption could be checked.
You are ignoring:
- Who is actually checking?
- Why do you believe that the actual code running is the same code released for checking. Particularly as it could easily be one-off user specifically targeted?
That’s not total bullshit.
That’s not total bullshit. In large part it could be circumvented by someone with a camera, and it’s rare to find a workplace that strictly bans people from carrying those.
Two immediate things wrong:
- The reference to workplace. In the secure enclave using vetted access, none of this matters. This in turn leads to ...
- I'm guessing you've never implemented a man-in-the-middle (MiTM) to actively rip the data at scale well beyond a screen image. TLS and Certs to secure the connection are irrelevant if you are using your own device.
A current example of both of these things has been in the news, the SecDef using Signal. Signal is an extremely secure application, highly recommended. The problem was the quite literal man-in-the-middle on his own device outside of the secure enclave.
Pretty words but completely unrealistic
I see that several people have already attempted to explain how misguided this article and Komoroske are, a.k.a. wrong.
Those of us that have worked closely with computer security and privacy, particularly breaking and defeating that very security and privacy, see this as the same kind of nonsense that spawned provably correct code years back.
This whole concept is dependent upon implementing code that follows the rules, but if the rules were always followed we wouldn't need it in the first place.
I'm reminded of a proposal to allow easier access to restricted data by always keeping the data on the secure server and having an App that only views it on the server. They actually believed they could see the server data without it ever leaving the secure server enclave.
A more current example perhaps is Proton Mail. The idea is that all your mail is encrypted based upon your password that only you have and it's only decrypted in your client Browser or App. All that is true but the decryption is performed by code they provide. What if it doesn't follow the rules?
What if you don't have Social Media, or claim not to?
I suspect, but don't know for sure, that the decision making will follow along the lines of a counter intelligence polygraph. Passing a polygraph does not just mean no lies were detected. Passing requires that the polygrapher could successfully read you. If you are dead calm and totally in control, you do not pass. Similarly if you're a nervous wreck and can't be read, you do not pass.
I can easily see a similar approach put in place for social media. You have to have some and it must be acceptable to a vague constantly changing reference. If you don't have any, you don't pass.
Yes it's unfair and counter productive. Welcome to dystopia.
Annoying but not new
IBM did this in the 1970's. Feature upgrades such as faster, denser, tape drives were just software changes. The capability was always present in the hardware.
This is a desperation move from falling markets. It will be self correcting as they drive potential customers away even faster.
Forensics, Experts, and Court
"If the prosecution refuses to admit how they got a piece of evidence and shares that in full with the defense then they don’t get to use that evidence or anything based upon it."
That actually already is law, but the catch is what I bolded.
It's common practice for prosecution to introduce, or attempt to introduce, forensic evidence in the form of technical reports derived from unstated methods or unidentified experts. As a general rule, prosecutors don't want technical people subject to cross examination because their nature is to be precise including error possibilities and techniques. This is almost always bad when trying to spin a binary Good/Bad tale for the jury.
It's incumbent upon the defense to challenge both the lack of information and the inability to cross examine claims. The problem is that most often the defense does not have the technical expertise to know when to challenge nor the money to hire its own experts. This is exacerbated by the fact that a great many forensic experts gained their skills working for law enforcement and there is a very real unwritten pressure to never work for the defense. Consequently the small number of forensic experts willing to work for defense are even more rare and more expensive.
It's very Simple
The 158 page bill is very simple to understand. The bill supports Goodness and puts a stop to Badness.
Surely no one could object to stopping badness?
Incidentally, I get to define Good and Bad, but that's a mere detail.
Reuters Article
If you read the actual article, granted they don't make it easy, it's not that cut-and-dried.
"About a decade ago, Tesla rigged the dashboard readouts in its electric cars to provide “rosy” projections ..."
Yes, their software 10 years ago was not as accurate as it is today. Calling it rigged certainly sets the tone to follow.
"In March, Alexandre Ponsin set out on a family road trip from Colorado to California in his newly purchased Tesla, a used 2021 Model 3. He expected to get something close to the electric sport sedan’s advertised driving range: 353 miles on a fully charged battery..."
First of all that's an EPA validated number. That said, yes it's unrealistic. It assumes optimal conditions, weather, and speed, not loaded down for a family road trip.
"We’re looking at the range, and you literally see the number decrease in front of your eyes"
The range is remaining range. Like a gas gauge, it does indeed decrease in front of your eyes.
"Ponsin contacted Tesla and booked a service appointment in California. He later received two text messages, telling him that “remote diagnostics” had determined his battery was fine"
"In most cases, the complaining customers’ cars likely did not need repair, according to the people familiar with the matter."
"Reuters could not determine whether Tesla still uses algorithms that boost in-dash range estimates."
So hey, let's stick with 10-year old software that's been updated many times since.
"The EPA cautioned that individuals’ actual experience with vehicle efficiency might differ from the estimates the agency approves"
All the way at the bottom of the article we get back to the original person from the beginning.
"Undeterred, Ponsin brought his car to the Santa Clara service center without an appointment. A technician there told him the car was fine. “It lasted 10 minutes,” Ponsin said, “and they didn’t even look at the car physically.”
After doing more research into range estimates, he said he ultimately concluded there is nothing wrong with his car. The problem, he said, was that Tesla is overstating its performance. He believes Tesla “should be a lot more explicit about the variation in the range,” especially in very cold weather.
“I do love my Tesla,” the engineer said. “But I have just tempered my expectation of what it can do in certain conditions.”"
Or it could be a simple Parser Error
If I enter simply " BestNetTech ", it comes right up.
Compelled Kibitzing During Search Warrant
"Officer, be sure to check my underwear drawer. That's where I hide the important stuff."
"Oh! Don't forget the freezer. Check the packages labeled Steak."
RE: There’s no warrant for hacking into someone’s computer…
I know for an absolute FACT you're wrong!
Already Done for Years With a WARRANT
I'm not clear on this story? This activity has been done for years with a warrant. Is this supposed to be a free-for-all sans warrant?
Mentally Disturbed or Technology?
I remember the time when people standing around loudly talking to no one were pretty clearly mentally disturbed. Then came Bluetooth and it became a puzzle to guess disturbed vs bluetooth, although one could argue both.
Now we enter the age of wondering, Buffoon or ChatGPT, or both?
Not the Most, Just Highest Profile
"...but the FBI is the most backwards of federal agencies ..."
Sorry I have to take exception to this statement. While the FBI is certainly a major contender in the backward race, IRS, and FAA among others are more backward. It's just that the FBI is very high profile in the wrong way olympics.
Medium Wave Channels
"... That is why medium wave stayed AM, it can’t support the bandwidth needed for FM."
You have Cause & Effect Backward. Standard FM channels are spaced at 200 kHz in order to support high fidelity channels. AM 10 kHz channels can only support low fidelity content. It has nothing to do with Amplitude Modulation vs Frequency Modulation. You can get the same low quality 10 kHz channels with FM too, if that's what you want. Although these days you could at least use quadrature phase encoding to improve the quality.
Lasted Longer
"... I don’t think AM radio is all that innovative, but it lasted longer than most mobile technologies by a long shot."
So did the horse. Your point eludes me.
Safety Broadcasts
It's circular logic to say that AM is used for safety broadcasts so we must keep AM.
The only attribute AM brings to the game is a low RF carrier frequency with long range. Nothing precludes re-allocating the same frequencies to FM modulation other than we can't because we don't because we can't because ... rinse and repeat.
Obsolete Software
You make a good point. If only there were some way to update software automatically to extend the usability and function.
Rare Earths
I'm not sure what "they" you are referring to, but Lithium is most certainly NOT a rare-Earth. Revisit your chemistry.