• 0 Posts
  • 26 Comments
Joined 1 year ago
cake
Cake day: July 10th, 2023

help-circle



  • Texas is connected to the Eastern (Florida to Canada) grid, the Western (Cali to Canada) grid, and a Mexican grid not part of the US/CA system via tie-ins. It is the only state in the continental US with it’s own grid, which was not a smart decision (cough cough feb 2021). The most outrageous part was that they could have bought power from Mexico, east, or west and import it via those tie-ins during Feb 2021 but chose not to. Power was out for millions for over a week in freezing temperatures. Fuck Texas. Fuck CenterPoint Energy.

    Additional Information: Besides Texas, Quebec and Alaska have their own grids as well. Alaska is the only grid without any tie-ins.





  • Huh, you have a valid point. I haven’t tried it yet, but it probably doesn’t access/unencrypt too much more than the regular lock screen, given thats its just a glorified alarm clock with notifications. Ironically, some of the most private stuff (photos, notes) don’t have CompleteProtection, so that’s a current gaping vulnerability. And yes, if the FBI really wants your data, there are RAM reading tools for iPhone.

    Here is a stackexchange thread about AFU/DFU/CP if you didn’t know.










  • The latest version of TLS (used in the latest version of HTTPS), 1.3, is very secure. Most websites these days support 1.3/128 bits, making it quite hard to crack. One major weakness of HTTPS is that, if a certificate authority is compromised, the hackers can issue certificates for ANY website, which browsers will accept as secure until the certificates are revoked/expired/CA removed from trusted list in browser. This loophole can also be exploited by nation states (forcing the CA to issue certificates).

    If you are doing something really private, use something like Matrix (E2EE mode), Signal, or Telegram (E2EE DM).

    TLDR: Modern HTTPS is incredibly secure, except there is a loophole that nation states and hackers can exploit if they compromise/gain control of an approved certificate authority. If you are doing something you really dont want anyone to find out (top secret files), use an encrypted service that does not rely on the TLS/SSL/HTTPS stack.

    Oh, there was an effort to solve above loophole, I’m not sure if it got anywhere though.

    Edit: the point of my comment is to state that HTTPS encryption isn’t necessarily weak, just the handshaking process has some problems.




  • SimplePhysics@sh.itjust.workstoTechnology@lemmy.world*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    2
    ·
    1 year ago

    Apple’s face recognition system relies on

    1. infrared light being blasted on your face
    2. infrared camera creates a map of your face based on the 30k dots blasted onto your face and stores it
    3. when you try to log in again your iPhone compares your face by repeating step 1 and 2 (but not storing the map this time) and comparing it to the map created in step 2.
    4. if the black box “machine learning” program thinks your face is similar to the map, it lets you in.

    The IR blaster and camera makes Apple’s system more accurate and secure (requires 3D face) than just taking a photo of your face (2D), but it does take up more room on the notch.