Most portable electronics today use some variation of lithium ion batteries, which when it becomes unstable can combust/explode if mishandled. However, devices generally have thermal management software and hardware, as well as multitude of other safety mechanisms like power management systems to handle charge regulation. Unless you intentionally puncture your batteries, they’re not likely to cause any problems on their own.
It is easier to think of the SSL termination in legs.
Client to Cloudflare; if you’re behind orange cloud, you get this for free, don’t turn orange cloud off unless you want to have direct exposure.
Cloudflare to your sever; use their origin cert, this is easiest and secure. You can even get one made specific so your subdomains, or wildcard of your subdomain. Unless you have specific compliance needs, you shouldn’t need to turn this off, and you don’t need to roll your own cert.
Your reverse proxy to your apps; honestly, it’s already on your machine, you can do self signed cert if it really bothers you, but at the end of the day, probably not worth the hassle.
If, however, you want to directly expose your service without orange cloud (running a game server on the same subdomain for example), then you’d disable the orange cloud and do Let’s Encrypt or deploy your own certificate on your reverse proxy.
I did in fact read the paper before my reply. I’d recommend considering the participants pool — this is a very common problem in most academic research, but is very relevant given the argument you’re claiming — with vast majority of the participants being students (over 60% if memory serves; I’m on mobile currently and can’t go back to read easily) and most of which being undergraduate students with very limited exposure to actual dev work. They are then prompted to, quite literally as the first question, produce code for asymmetrical encryption and deception.
Seasoned developers know not to implement their own encryption because it is a very challenging space; this is similar to polling undergraduate students to conduct brain surgery and expect them to know what to look for.
Completely agree with you on the news vs science aspect. At the same time, it is worth considering that not all science researches are evergreen… I know this all too well; as a UX researcher in the late 2000s / early 2010s studying mobile UX/UI, most of the stuff our lab has done was basically irrelevant the year after they were published. Yet, the lab preserved and continues to conduct studies and add incremental knowledge to the field. At the pace generative AI/LLMs are progressing, studies against commercially available models in 2023 is largely irrelevant in the space we are in, and while updated studies are still important, I feel older articles doesn’t shine an appropriate light on the subject in this context.
A lot of words to say that despite the linked article being a scientific research, since the article is dropped here without context nor any leading discussion, it leans more towards the news spectrum, and gives off the impression that OP just want to leverage the headline to strike emotion and reinforce peoples’ believes on outdated information.
While I agree “they should be doing these studies continuously” point of view, I think the bigger red flag here is that with the advancements of AI, a study published in 2023 (meaning the experiment was done much earlier) is deeply irrelevant today in late 2024. It feels misleading and disingenuous to be sharing this today.
If anyone is responsible to keep things around for 100+ years, they’d have a job to do… and even then, cloud providers will still make their life significantly easier than juggling a bunch of storage mediums that goes in and out of storage medium fashion.
You’ll be very hard pressed to find anything else that’d out last the day when all three of AWS, Azure and GCP shutdown and take their data offline.
I get it though, Lemmy doesn’t want to admit these services exist other than to dunk on them in the most anti-corporate fashion… so continue to pretend such is the case!
Another possibility: the console vendors are catching whiff of the whole gate keeper mess, and they don’t want to be at risk of being forced to open up their physical cartridge DRM mechanisms to allow third party cartridges for the relatively small EU market (compared to the rest of the world). Moving towards digital is much easier as result.
It is also clear as day that they’re testing the waters with Nintendo players who are generally deemed to be more casual, and lesser likely to push back compared to the more savvy other major consoles. Once this blows over, they will just move to digital everything across the board, citing successes and cost savings on the other platforms as basis for the move.
Upload it to the cloud and make it someone else’s problem to deal with keeping up with the physical medium changes. Then your descendants only have to worry about figuring out how to deal with an outdated file format they can no longer open… and even when they can finally open it, it’d be super low quality… just like how we have to squint really hard at videos from VCDs now days.
API are secure only if you can secure the authentication details. A modified app (be it as something modified and distributed on a unsanctioned channel, or custom injected by another malicious actor/app) can easily siphon out your authentication tokens to a third party unbeknownst to you the user. However, if the app verifies it came from the approved source and have not been tempered with, then it is much easier to lean on ASLR and other OS level security to make it harder to extract the authentication info.
Multiplayer game operators have obligation to curb modified clients so their actual paying clients have a levelled playing field. By ensuring their apps are only distributed via approved channels and unmodified by malicious players, this improves their odds at warding off cheaters creating a bad time for those that actually pay them to play fairly.
These are just simple cases where this kind of security is beneficial. I am glad Android is finally catching up in this regard.
This is Lemmy. If you’re not advocating for FOSS, or piracy to spite the corporations, you’re gonna get downvoted. I don’t care. We need better security standards whether these kids like it or not.
App developers need ways to know the app has not been modified in unsanctioned manner, glad to see Android finally catching up on security with integrity checks.
No, they’re mostly correct; basically no one except Android users in the USA cares. Everywhere else has it figured out with third party messaging platforms that’s geographically favored, and Apple users in USA will continue to use the superior iMessage protocol with each other. Only the Android users in USA are left out from sending/receiving messaging, so they’re salivating over the update like it’s the best thing since sliced bread.
RCS is janky, inconsistent, and carrier dependent. Can’t wait for Android users in the USA to join the better rest of the world. Until GSM consortium mandates end to end encryption and force all carriers to adopt certain version of consistent minimum, RCS is and will continue to be a garbage inferior protocol that should be avoided like the plague.
Not entirely true… the American Android users care about it; Apple users will still default to the superior iMessage as opposed to the inconsistent carrier dependant RCS; rest of the world will use geo-preferred third party messaging app that also offer consistent experience between carriers.
I know I have some hearing loss; Mimi hearing test confirmed degrading further over the years. But I’m okay with waiting til 3rd gen Pro come out before I upgrade from the first gen Pro.
You’re going to find that the appetite for un-targeted advertising to be much lower than that of targeted. The ROI for un-targeted blast is much lower than a smaller more focused targeted campaign.
As such, you’ll either see even more ads on the same content (in order to obtain similar level of revenue for the publisher), or, as the other user suggested, free ad supported service be a thing of the past.
Neither of which are good for the mass audience. People already aren’t willing to pay $1 to remove ads on most free ad supported apps, you’re going to find small businesses collapse left right and centre as result of the change.
In the old days, it used to be a problem because everyone just connect their windows 98 desktop with all their services directly exposed to the internet because they’re using dial up internet without the concept of a gateway that prevents internet from accessing internal resources. Now days, you’re most likely behind your ISP router that doesn’t forward ports by default, and you’re only exposing the things you’d actually want to expose.
For things you’d actually want to expose, having a service on the default port is fine, and reduces the chances of other systems interacting with it failing because they’d expect it on the default port. Moving them to a different port is just security through obscurity, and honestly doesn’t add too much value. You can port scan the entire public IPv4 space fairly quickly fairly cheaply. In fact, it is most likely that it’s already been mapped:
Keeping the service up-to-date regularly and applying best practices around it would be much more important and beneficial. For SSH, make sure you’re using key based authentication, and have password based authentication disabled; add fail2ban to automatically ban those trying to brute force. For Minecraft, online mode and white listed only unless you’re running a public one for everyone.
The only reason Apple had gotten traction with it is because they focused all of their users’ purchase power in one unified place. Which became a powerful driver to drive for change. Samsung/Android/Google Pay/Wallet thing never gained traction despite having access to the chip is exactly what we’ll see if the chip just get opened up free for all. All the larger players will push for their own standard, demand for the coveted hardware invocation sequence, while no one else wants to adopt theirs, and ultimately get no where while littering our phone with useless apps.
chiisana @ chiisana @lemmy.chiisana.net Posts 4Comments 500Joined 2 yr. ago
Most portable electronics today use some variation of lithium ion batteries, which when it becomes unstable can combust/explode if mishandled. However, devices generally have thermal management software and hardware, as well as multitude of other safety mechanisms like power management systems to handle charge regulation. Unless you intentionally puncture your batteries, they’re not likely to cause any problems on their own.