13's comments

Why target people specifically? A phone has all the tools necessary to infect every other peer they can reach. Almost instant billion device botnet, each with a new list of targets to infect in the contacts book. It'll be interesting if this does happen, and the same mistakes as early worms are made (global internet pipe denial of service by probes attempting to find new hosts to infect).


Whoa, never thought of that, but blackhats certainly will.

If they get one celebrity, they could get all their friends.

I predict a second one of these https://wikipedia.org/wiki/2014_celebrity_photo_hack

Ironically this time iPhone users will be protected.


Probably has engineering challenges past what you would normally face, which thankfully makes a 1B device botnet a little unrealistic. I can't imagine how you'd even begin to control such a thing, just a sequential numerical list of the clients is 4GB. Scary prospect though.


Not too far off.

There's your discovery layer: https://en.wikipedia.org/wiki/Kademlia

C&C: http://www.reddit.com/r/netsec/comments/2pmmfu/using_the_blo...

Persistence Layer: https://github.com/cockroachdb/cockroach

Dissemination Layer: https://en.wikipedia.org/wiki/Gossip_protocol

Sprinkle in some AES and public / private keys for verification and you're done.

Sequential list isn't needed.

(well, all the robust & stealthy large systems engineering together with the low level exploit knowledge is probably a little too much for one person to pull it off, but for a Hacking Team or nation sized actor it's quite doable)


The bot can call home to ask if/when more infections are desired, so the attack can elastically adapt to remain viable and not overwhelm the resources it needs.


Why bother with a botnet when you already have access to their Gmail account? Search for bank emails in their inbox, script a password reset on the account, drain account.


How so?


Web 3.0 is pretty much that. Load 10MB of JavaScript libraries sequentially, then every element on the page needs a new loader, 30 HTTP requests, and a web socket.


And that's after a 10-minute build process using some node-thing, which, just to minimize and spit out static assets, needs to pull in 14,000 files of dependencies.


Is modern web really that bad, and are those the reasons that just visiting some of the popular websites overwhelms my brand new CPU?


Slightly exaggerated, but that sort of thing absolutely happens.


The 14,000 files is an actual measurement of the node_modules folder for the build of a static site I've seen. npm is inane.


Straw man. This is actually an EBKAC. Obviously, because I can do the same asinine thing in any language offering the ability to pull in dependencies.


How else are you going to create the "side effect" of allowing the page owner, the hosting company, several CDNs, 10 social media "partners", an ad-network or three, and google[1] to each log page views?

[1] gotta feed the crack^Wanalytics addiction


You don't remember Microsoft Surface, the coffee table touch computer?


Yes I do, and I also remember when they didn't release it for the wider market.


I don't understand anybody using that as justification.

Why is that necessary?

We live in a pretty miserable world if your only answer is "because everyone else is doing it".


I think it's a "trust but verify" mentality. You know that your neighbor is probably trustworthy but you still keep tabs on them to make sure they are not secretly planning something against you.

The issue you have with stopping yourself is that your neighbor may still be doing so, and I'd imagine from a nation's perspective it's crucial to have the same kind of info on them that others have on you.


"trust but verify" is an old Russian proverb and was Reagan's line that he used to refer to the USSR WRT a nuclear disarmament treaty.

Are we treating the Germans like the old USSR now? Is having an unfair advantage in commerce as important as knowing where are all of the nuclear missiles that are aimed at us?

I think it is somewhat less "crucial" than you appear to think; and I think that "because fuck you, that's why" is the foreign policy of a thug.


If it's apparently less crucial than I think then why do most major governments have clandestine intelligence services whose sole purpose is to spy on other nations?


Just because you have some paranoid fuckups in your government doesn't mean you should give them all powers unchecked, right? Like all else in hierarchical structures, there should be some proper oversight and control, by unbiased authorities (well, it would be nice at least). Problem seems to be, these services run at free will, they feel above law and constitution, justifying just about everything with "terrorist threat" mantra. Politicians seem weak/corrupt so they don't stand for common citizen's rights. Somebody from Obama's government expressed frustration once how all these services/programs/activities run basically on autopilot, and nobody dares to cut their budget.

Let's take a step back... does anybody truly believe current terrorism can shake foundations of any western society? I don't mean blowing hypothetical nukes in Manhattan, but real things that happened. Planes falling, buildings collapsing, very sad events, but nothing major in civilization perspective. Our perception of these events is hugely disproportionate, based on our fears. Yet we are, step by step, losing our freedom like the alternative would be total annihilation and end of the world as we know it. Not even terrorists themselves want that. And they are not winning in any measurable way.

It's natural for any ambitious organisational unit, with strong leader, to try to grab all power, influence etc that's available. Normal companies have strict boundaries how far the power can reach, so for example you won't find a single bank that is effectively run by its head of IT, in fact on the contrary (IT is a true backoffice, in the back of the back of the back of the rest). Just set the boundaries and enforce them with budget cuts threat. Now who will do that is the question :)


On a statistical side almost anything else is likely to kill you. There's probably more people killed each year by ladders than some perceived external threat, and I don't see a war on ladders happening anywhere.


To me that sounds like no trust at all.


I do believe intelligence services are necessary. Essentially a government has two different sources of information: the overt sources, and the covert sources.

Both have their problems. The overt sources are easy for adversaries (in a very broad sense) to manipulate and observe. The covert sources have the inherent problem that less oversight usually means incompetence and abuse.


If Mr Doob is impressed, drop everything and go look at it.


.xyz is an utterly ludicrous TLD.


Disable UI transparency, the volume change overlay still has black corners.

http://i.imgur.com/pRNO7Oc.png

It doesn't for iTunes, just for volume and screen brightness changes.


Not an issue for me (Late 2012 Mac Mini).

Given that disabling UI transparency is for accessibility purposes and is only for certain graphics cards I wouldn't use this as an example of a major bug.


I can replicate on a 2014 Retina MacBook and a 2012 MacBook Pro. Lots of people disable the transparency, not just for accessibility. I'm not a fan of burning up my whole battery doing Gaussian blurs.


Yeah, for the price you pay for a Mac they couldn't afford to pay somebody to fix a bug that is so obvious.


What is this blind obsession with "THIS NEEDS A BLOCKCHAIN!!!!!!!"? There's nothing, absolutely nothing, in a system of storing playlists which needs decentralized canonical ordering. A blockchain is literally one of the most inefficient ways of storing data imaginable, and serves no purpose here other than a buzz word.


Some people have never heard of a DHT, and think that "blockchain" is a workable primitive instead of a high-level tool. It's like immediately jumping to "let's create a table for that in Postgres" instead of first considering whether the problem could be solved with a dictionary.

Also, if people are looking for something to use as a primitive, I'd much rather they look at Freenet. :)


> There's nothing, absolutely nothing

No, there is something. You could use the blockchain as a decentralized torrent tracker.


Why on earth does that need canonical ordering?


It's not about the canonical ordering. It's about storing the pointers to files in a way that cannot be taken down by authorities. The playlists themselves could be stored anywhere, including but not necessarily in the blockchain.


Then why the hell are you advertising it as "secure"? There's utterly nothing secure about it.


From the home page:

Messages are not end-to-end encrypted, and this is not an anonymous system. See below for more details. We use the term 'secure' here to mean that we do not use plaintext transports.

Although to my admittedly meagre security knowledge, I would've assumed that "no plaintext transports" would mean it was encrypted end-to-end.


Would be amusing to program the RFID in someone's dog to open the front door though, necessitating picking up a German Shepherd to hold it up to a reader. Better still make the dog a spare key and nobody would ever notice.


Cat flaps already do this...


Mhhh... I realise now that cats are the perfect NSA intrusion mechanism in fact. You can put some kitten of troy in front of the port of a hacker and your feline agent will couple and connect with the hacker's laptop with 100% accuracy for many minutes each day. It's the perfect crime, if we think about it... they could call it, the PPP (Pretty Pink Panther) project.



20 million spent and the cat was released and immediately killed by a taxi? Monty-pythonesque. Reality is always better than fiction :-)

Time to create the Rule 36 of the internet?: if it exists, someone will try to spy on it.


These people clearly did not have any experience with cats. What does a cat do when released into a strange place? It panics and then hides.


There was someone that put a collar with a wifi scanner on his cat and used it to map out where there were open networks in his area (well in the parts of the area that the cat went)....

