>any solution which relies on "doing the right thing" (ethics) but does not have any rules, laws or other repercussion for abusing it...
Doing the right thing can vary by culture, perspective, and situation. What is right or wrong to us may be entirely different to someone who's family is starving as just one example. Given the world-wide nature of the Internet, as a species, it is unlikely we are going to be able to agree on a single set of rules or punishments within our life-time.
In addition to the health concerns, ozone attacks unprotected polymers causing them to quickly break-down and release additional toxins into the air. I run an ESD ionizer at my well ventilated re-work / soldering station and have had plastic storage bins on the bench crumble at the touch from the ozone exposure.
In the US, what law makes it illegal to MitM network traffic using a WiFi evil twin or other technique? I'm genuinely curious because I was under the impression there are generally no such statutes and that the only thing that would be illegal is if the MitM used found credentials.
It doesn't have to be illegal for the cops to check it out. Sometimes it scares people off.
I had an officer acquaintance who said he pulled over a car with a shotgun in the back seat and asked who it belonged to, nobody was willing to claim it. He impounded it as abandoned property despite it being perfectly legal to possess.
The CFAA only applies to protected computers and intrusion into those computers. Watching network traffic or modifying network traffic in a MitM possition, without using found credentials doesn't seem to rise to the level of a computer intrusion. Of course, it's unlikely a protected computer is going to be connecting to a public WiFi AP in the first place..
> The only computers, in theory, covered by the CFAA are defined as "protected computers".
> In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the interstate nature of most Internet communication.
or trace back prior fraud. Criminals are using data deletion requests / demands to cover their fraud so they can continue. I don't think as written, this legislation is going to hold up under the onslaught of criminal abuse.
I don't want to be rude, so please tell me if you do, but do you have a source for that? It sounds quite a lot like a "think of the children" argument and whilst I can see people having made that claim elsewhere, I don't see any actual cases of it being reported.
I believe that's incorrect under GDPR. There is a legitimate interest to keep records for fraud use, and also they must not delete anything that's required for regulatory compliance. GDPR is very clear on that.
Yup. Keep it out of the app store. I ran into BlueMail awhile back when assisting a non-profit. A number of the staff members were using it so I figured I'd take a look. It wasn't long before I found it was exposing email service authentication credentials in clear-text network communication and was sending those credentials to their own servers. I advised everyone to stop running it and banned the BlueMail agent from connecting to our mail service. I reported the vulnerabilities and never heard back. I never followed up because the app was subsequently removed, which I hope I played some small part.
This specifically. I think that for a lot of tech workers the valley is a great security blanket. They know if their current gig falls through there will be another one waiting just around the corner. No need to uproot and move. It's actually sort of strange on the surface. There are a lot of engineers in the valley who move around to various companies fairly frequently which looks on paper like they don't have a lot of stability, but in reality the sheer number of available jobs is providing that stability, even if their longevity of employment with any one company does not.
For D-Link this is the normal, normal and has been for years. Check out VU#924307 which they never fixed. It could be triggered either by an attacker or just in the normal course of using the router:
In the first video from the article, the Tesla would be found to be at fault in most jurisdictions as the driver backing out was well into the backing out maneuver before the Tesla even rounded the corner. The Tesla without question did not have the right away at that point.
In most jurisdictions, the vehicle traveling in reverse is always the give-way vehicle. Practically, I expect that the insurance companies would agree to each pay their own driver’s costs and count it as an at-fault accident on both sides.
"Sadly… or not so sadly… the world has moved to HTTPS and to stronger protocols than what lowly Pocket Explorer supports. Thus, most of the web is entirely inaccessible on the device."
This is what proxies are for. Assuming it supports proxies. It would of course be wholly untrustworthy as it's likely vulnerable to a whole host of functional middling exploits.
First, it's not hard to imagine that someone might try to get their account banned for a GitHub terms of service violation keeping in mind that GitHub holds the account owner accountable for content in their repository. This is true even if that content is from other account holders they've given access to their repository. In this case, anonymous access is intentionally being provided which could of course go very, very, very wrong.
"You agree that you will not under any circumstances upload, post, host, or transmit any content that:
is unlawful or promotes unlawful activities;
is or contains sexually obscene content;
is libelous, defamatory, or fraudulent;
is discriminatory or abusive toward any individual or group;
gratuitously depicts or glorifies violence, including violent images;
contains or installs any active malware or exploits, or uses our platform for exploit delivery (such as part of a command and control system); or
infringes on any proprietary right of any party, including patent, trademark, trade secret, copyright, right of publicity, or other rights."
Understanding what the tool does, GitHub might be forgiving on the ToS violation front. The problem is with the second scenario: law enforcement. It's very likely that in a lot of jurisdictions, law enforcement, prosecutors, etc., wouldn't initially understand what's going on here and even if it can be explained to their satisfaction, I think very few of us would like to spend a night (or more) in jail while attempting to explain.
Doing the right thing can vary by culture, perspective, and situation. What is right or wrong to us may be entirely different to someone who's family is starving as just one example. Given the world-wide nature of the Internet, as a species, it is unlikely we are going to be able to agree on a single set of rules or punishments within our life-time.