hartz | 7 years ago | on: CenturyLink is blocking customer internet, saying Utah legislators told them to
More widespread use of DNS-over-TLS/HTTPS/QUIC can't come soon enough
hartz's comments
hartz | 7 years ago | on: The Secretive Business of Facial-Recognition Software in Retail Stores
The article mentions that Food Link and Giant (both part of Ahold Delhaize USA) are two supermarkets that responded to the ACLU survey saying that they do not use face recognition. I searched around and found the more complete list of companies' responses: https://www.aclu.org/blog/privacy-technology/surveillance-te... (near the bottom). The tl;dr though is that most companies refused to answer.
hartz | 7 years ago | on: Trustworthy Chrome Extensions, by default
This is also a good point. There's the related problem of the extension author selling the extension to a shady company for some extra bucks, who then pushes out an auto-installing update bundling it with malware/adware.
Example: Stylish -- https://arstechnica.com/information-technology/2018/07/styli...
hartz | 7 years ago | on: Go 1.11 Beta 2 is Released
I'm also excited to see where this leads.
From the release notes:
> Go programs currently compile to one WebAssembly module that includes the Go runtime for goroutine scheduling, garbage collection, maps, etc. As a result, the resulting size is at minimum around 2 MB, or 500 KB compressed.
The minimum size is a bit unfortunate, but after all it is still just experimental.
hartz | 7 years ago | on: Deep Dive: New Bookmark Sync in Firefox Nightly
Wow, I didn't know that they just shut down this month. I definitely still have the add-on installed in all my browsers, and thought it was still syncing...
hartz | 7 years ago | on: Electric Buses Are Hurting the Oil Industry
You still see these "trackless trolleys" in Boston too where some of the old streetcar and trolley lines used to be. (Unfortunately, most of those streetcars were replaced with diesel busses instead)
hartz | 9 years ago | on: Phishing attack uses Unicode characters in domains to clone known safe sites
I think it would be useful to implement some security against this at the registrar level (until a better fix is more broadly available). For example, if I'm registering "epic.com" (the ASCII version), the registrar could suggest that I also register "epic.com" (the Cyrillic version), or vice versa. This could at least help site owners avoid phishing attacks on their own domains.
Unfortunately, this would require all the big registrars to be on board for it to actually be effective.
hartz | 9 years ago | on: Open-sourcing Chrome on iOS
The point of standards for browsers is that you shouldn't need a polyfill just to support a feature (localStorage) in one browser. Ideally, it would just destroy its contents after your private browsing session is done, just like the way (I believe) all browsers treat cookies in private browsing mode.
hartz | 9 years ago | on: 'Shimmers' are the newest tool for stealing credit card info
Probably not normal people using cards, but it wouldn't be hard to train cashiers/managers what to look for. However, this would probably just lead to shimmers made out of clear plastic
hartz | 9 years ago | on: Avoid Non-Microsoft Antivirus Software
I feel like, instead of MITM'ing all TLS connections, antivirus companies could implement this same thing in a browser extension. If good ad blockers can prevent requests for ads from being completed, an antivirus extension should be able to do something similar, without having to tamper with the TLS connection between the browser and the site.
That being said, users would probably be much safer if they skipped the antivirus and just installed a decent ad blocker.
hartz | 9 years ago | on: Trying to Keep the Internet Safe from Warrantless NSA Surveillance
If you run your own mail server, it's hard to get email deliverability to the inboxes of people who use the Big 3 (Gmail, yahoo mail, Outlook.com). This makes using these privacy-invasive email services a much easier decision
hartz | 9 years ago | on: PHPMailer Exploit – Remote Code Execution
So you are one of those sites that reject email addresses with "+" in it?
hartz | 9 years ago | on: Google Hangouts Removes Merged SMS Conversations, Adds Video
I've found that Google's Messenger app[0] is a nice, no-frills SMS app (not to be confused with Google's other messaging apps, or any of the other apps called "Messenger")
[0] https://play.google.com/store/apps/details?id=com.google.and...
page 1