Samuel Gibbs, The Guardian:
The firm allegedly hacked by the NSA and GCHQ has stated that it cannot find any evidence that the US and UK security services breached and stole the encryption keys billions of Sim cards.
Good news if true. I can’t help but be a little skeptical, however. Snowden’s revelations have proven time and again to be borne out by the facts. What’s more, don’t we think Gemalto would have a huge incentive to lie and say they were never actually breached?
As reported by Rick Osgood of Hackaday:
The software actually installs a self-signed root HTTPS certificate. Then, the software uses its own certificates for every single HTTPS session the user opens. If you visit your online banking portal for example, you won’t actually get the certificate from your bank. Instead, you’ll receive a certificate signed by Superfish. Your PC will trust it, because it already has the root certificate installed. This is essentially a man in the middle attack performed by software installed by Lenovo. Superfish uses this ability to do things to your encrypted connection including collecting data, and injecting ads.
Well, if compromising the security of our personal financial transactions makes good business sense for Lenovo, we’ll just have to toughen up and deal with it, won’t we?
They claim that server-side interactions have been disabled since January, which disables Superfish. They have no plans to pre-load Superfish on any new systems.
Oh, good. False alarm. So they’ve stopped doing this. I totally trust them not to be full of “it.”
My QuickReminder script for Pythonista is now at version 2.1. I improved the way that certain errors were handled, making everything a bit more friendly to the user. I’ve also made a small tweak which throws an alert when no time interval is specified, then relaunches Drafts, preserving the original reminder text.
You can always grab the newest version of the script from this gist.
I’d noticed that many of the files in my Dropbox aren’t syncing lately–and with file sync being the central and defining feature of Dropbox’s service, I found the situation to be…suboptimal. That being the case, I filed a support ticket. Three days later, I received the following non-response from some Python script running on a
cron schedule on some forgotten server:
It takes giant balls to respond to one of your users like this. Why would anybody want to give money to a company with this much disdain for the people it purports to serve? Combine this with a growing distrust of pretty much all online service providers, and I kind of have to start thinking about jumping ship–and telling everybody I know to do the same.
John Moltz on Facebook’s goofily incomplete “News Feed”:
When the algorithm gets in the way of showing you what’s happening now, if you have to wait until the next day or go below the fold to see what happened last night, how is your medium any better than a newspaper?
Facebook has really become a giant abortion of theology and geometry, and every day I’m amazed to see that users aren’t kicking it to the curb en masse. Something this bad–something this disdainful of its users–really can’t be awfully long for this world. People will always get tired of eating crap…eventually.
NBC Bay Area:
A woman police describe as a high-end prostitute has been arrested on suspicion of murder after allegedly injecting heroin into a tech executive on his yacht in Santa Cruz and leaving him to die when he overdosed.
This is bizarre and sad. Silicon Valley does seem to be a new Hollywood.