>>Also the Soviets manufactured very little of anything valuable to the west. Their primary exports were commodities.
Time to mention the story of how Pepsi Co briefly had one of the largest navies in the world, because CCCP couldn't settle its debt to Pepsi with cash, so they accepted several warships instead.
At least in Poland it was semi-common that if you had any family abroad they could send you dollars. So yeah a soviet computer was in theory cheaper but it was impossible to buy, or you could just walk into PEWEX and walk out with an actual commodore 64 bought with dollars that you "happened" to have. Of course, PEWEX stores were fully state-sanctioned enterprises, not illegal imports.
Illegal for whom? The manufacturers? It's the same as it's now illegal for Boeing and Airbus to sell parts to Russia, yet Russia developed a network of intermediaries in several countries that buy the parts on their behalf so they can maintain their planes. PEWEX stores used to sell of kinds of goods from the west, including computers and even cars, if you had the dollars it was far easier to buy a western car or a computer than wait for a domestically made one. Maintaining it afterwards was a different question of course, but PEWEX stores were created specifically by the government to obtain dollars, they bought goods in the west usually by barter, and then sold them domestically for dollars, which then they used to buy the goods they really wanted since no one would take Polish Zloty in the west, but dollars opened many doors.
And as someone else said....the entire business would be solved if not for our cultural tabboo that requires astronauts to do the whole procedure by themselves. If you could have another crew member actively helping it would be done quicker in a much more hygenic way. But because it's "private" they have to do these crazy acrobatics to do it alone. And like, back on Earth nurses have to do much much worse stuff every day and no one considers that weird - it's just part of the job.
Many countries have alternatives already. In Poland Blik is ubiquitous and very very easy to use. And I love how it's implemented, Visa and MasterCard could learn from it.
Tldr - you open the app on your phone and it gives you a 6 digit BLIK code, you give that code to the seller, then a notification comes up on the app saying "seller X is trying to debit your account by amount Y, agree?". It's brilliant because then the seller gets nothing identifiable about you. Even if someone overhears the code, it's only valid 60 second so it's useless. Unlike with regular cards there is no risk of losing one or using a fake terminal that scans your card instead. And any transaction has to be explicitly rather than implicitly approved. Love it.
This is indeed one of the biggest weaknesses of "pull-based" payment cards, and something most if not all natively phone-based methods do better.
The best credit and debit cards can do is PIN verification or biometrics (for Apple/Google Pay), but even there you still trust the terminal to not show you a different amount than you'll be charged (assuming the screen is even pointing towards you; I've often been asked to tap without seeing what I'm even consenting to).
Online, there's 3DS, but that's not required everywhere and for every transaction.
There once was a vision to extend both positive cardholder approval and cardholder authentication for each card transaction, but it turns out the friction of that is higher on average than just letting everything but the most egregiously suspicious fraud go through by default and handle the rest via the disputes process.
Out of curiosity:
> you open the app on your phone and it gives you a 6 digit BLIK code, you give that code to the seller
Is this the flow for online payments as well, or only for in-person payments?
> Is this the flow for online payments as well, or only for in-person payments?
On-line, too. Or should I say, first, because AFAIK on-line came first. I've been using it for years as my default on-line payment method where available, before noticing it becoming an option on POS terminals.
I've been wondering this too. As I understand it, BLIK codes are generated on the back-end, so I imagine they have some clever anti-collision measures in place. What I know is:
- The TTL of the code is variable; on some days I've noticed it to be as low as 60 seconds, on others around 3+ minutes. Not sure if it depends on the type of transaction or time of day.
- After entering the code in charging widget/terminal, or giving it to a merchant, you still get a screen on which you need to explicitly confirm the transaction; it displays the amount and name of charging entity, so this would presumably reduce the impact of possible collision.
- Sometimes the codes generate instantly, sometimes it takes a few seconds; I always assumed it's network connection lag and/or usual webshit performance issues, but it would also be consistent with an anti-collision measure - if you run out of 6-digit codes, wait a second or two, some will free up.
- Not once I've heard any report or rumor about a collision.
IIRC a few years ago I saw some store asking for 6 or 8 digit BLIK codes, I guess the latter was how they were planning to expand from supporting just Poland to supporting whole EU. But that effort seems to have died out.
That's the problem. Every country has an alternative or ten, but what people actually need is one system that works across borders. That's the only way it reaches enough critical mass to be useful internationally beyond the EU, which nowadays is a requirement for it to be able to replace Visa/Mastercard in a decade or so.
There used to be a beer designed to be mixed with milk called bilk. Last I heard, it was terrible. Maybe it's still around - I think it's Japanese, so it's unlikely I'd happen across it.
It's literally a matter of an automated test that sets a password using every character on every possible keyboard type, then tries to type that password in on the lock screen. There's not even that many keyboards, that test would take what, an hour to run?
Right, but this test basically means you can't ever remove a character if it was ever present. I was assuming that you still want to remove it (for some reason) and wondering how to safely test the change.
You create two keyboards and use them both and test them separately. Then you create a keyboard update flow. And you test that. Then you make sure you test that the old keyboard shows until the user changes their password.
I’m all for a system that allows you to wipe the device to do a downgrade or upgrade (just like any PC with an unset bios password allows) but the idea that it’s a good design for someone without my OS password to be able to downgrade my OS or perform any operation on my OS is insane.
What’s even the point of setting a password if anyone can manipulate the system without entering it in?
The entire iPhone OS is on an encrypted volume and that is the right design choice. Not having the password means no access.
There is no general purpose encrypted volume operating system that allows unauthenticated users to perform OS manipulation. If you encrypt your FreeBSD, Linux, or Windows volume, the result is the same: no password, no access.
Your choice is to enter the correct password or wipe the disk.
The fact that Apple doesn’t allow you to set up a system without full disk encryption is not a user freedom issue, it’s a very sensible design choice especially for a device sold primarily to non-technical consumers who don’t understand the security implications of leaving the volume unencrypted.
The issue here isn’t that iOS security is designed wrong, the issue is that Apple broke basic password entry with an update.
Shame on Apple for having such lazy software development practices when it comes to implementing updates like this.
So don’t buy an iPhone if you don’t care about the security of your device and personal information. That would introduce a massive security hole that would negatively affect far more users than it would help.
I doubt that. The group of people you're talking about are those who have their phone maliciously stolen by people who are actively working to hack/exploit their way into the devices and then actively exploit the information stored on them. That is a utterly negligible percent of users, or even of users who have their phone stolen. The overwhelming majority of thieves of intent move the devices onto professional orgs that wipe them, jailbreak them, package them, and then ship them on to other entities that resell them.
The percent that might want to choose a different-than-latest version of OS would also of course be quite small, but I suspect it would be orders of magnitude larger than the other group we're speaking of just because that group of people is going to be so absurdly tiny.
In this world stolen iPhones are mostly worthless because they can’t easily be wiped without the password.
In your world, they could be.
I imagine iPhone thefts would go way up. They’re worth $1000 and we just carry them everywhere - if they were easily resellble it would be a very obvious quick-money theft opportunity.
iPhones are currently the primary target of thieves by an overwhelmingly wide margin. There are many ways to wipe them and its an industry in its own right. One of the most common, as always, is simple social engineering. They contact the victim posing as Apple, convince them to reveal their credentials in this way or that, wipe the device and away they go. If that fails they're stripped down and sold for parts, which is also reasonably lucrative.
I don't know for certain why thieves are generally not typically interested in abusing user data, but I'd imagine it's because the penalties if caught would go way up. That'd go from what is generally just petty theft, which carries a slap on the wrist, to wire fraud and a whole slew of other charges, which can leave people spending most of the rest of their life in prison.
Because a quick search for UK statistic shows that even though iPhones are minority of phones over here they are the overwhelmingly majority of all phone theft:
"In terms of smartphone models, the data also indicates who might be most at risk. Looking at the entirety of the UK, 68.6% of stolen phones are iPhones."
“In 2012, the National Crime Survey – which supplies data to the ONS – reported that there were roughly 608,000 theft from a person incidents across England and Wales, which was a high for the decade. However, since then, theft from person cases – including those including smartphones – have fallen year on year. A key factor for this continual decline could be that smartphone security has improved to a point that it’s no longer worth stealing them; with Face ID, trackers, and fingerprint scanners, it’s now harder for criminals to wipe and fence stolen property. It’s also possible that, due to the ubiquity of smartphones, the desire to steal them has simply decreased.”
I would say that phone theft is relatively rare. I didn’t mean to single out iPhone really - AFAIK the major manufacturers of Android phones provide similar protection, and if feel the same about them removing it.
To me the surprising claim would be that phone theft is common - I don’t think I know of anyone who’s had their phone stolen - but if you want stats, sticking with the UK, here’s the official statistics on robbery and ‘theft from a person’: https://www.ons.gov.uk/peoplepopulationandcommunity/crimeand...
It’s more work than I have time for now, but I don’t think that any of the headline figures can be regarded as ‘common’.
More emotionally: Maybe it’s just my age showing, but it is notable to me that nowadays we’re all carrying around $1000 items at all times, and muggings aren’t through the roof. Perhaps society is kinder than I gave it credit for, but I think that the lack of utility of those $1000 items if you steal them (so, they’re not really worth $1000 to a mugger) is a major part of the reason they’re not.
In the US millions are stolen per year. Nobody knows the exact number because I suspect many may not even realize they've been stolen from and simply think they lost their phone somewhere. Thieves tend to target touristy areas where this is even more likely.
It's also going to make the targets even less likely to report the crime to police as well. 'Hi, I don't live in this country and I think my phone might have been stolen somewhere at some point in time over the past several hours, maybe.' is not even going to be investigated by the police, even if somebody does decide to file a report.
Come to think of it, this may all be yet another reason why thieves don't tend to abuse personal information. That sort of stuff is going to get reported and can be viably investigated by the police.
First of all - of course it does, many publications have reported on it too and it made headlines. You can say it didn't make HN's front page, but don't say it didn't make headlines.
Second of all - popes have made more or less clear comments about "jihadist violence" for decades now - in a way, it's nothing new, pope condemning violence in some part of the world is just what he does on Sundays.
What is new is a "christian" country waging war "in the name of Jesus Christ", to the extent that is happening right now. Secretary of Defence saying that everything is preordained and if missiles fall on infidels then clearly it's gods plan. The pentagon preacher saying that since the bible ordered israelites to kill entire cities to purge them of sin, then obviously a missile killing 100+ schoolgirls is part of god's plan too, in the scale of things described in the bible it's hardly a blip.
That's why the Pope is speaking out in a way that few other popes have spoken out before. The previous wars in the middle east have killed 1M+ people but the portrayal as "holy war" is new(or returning, depending on how you look at it).
>>At least 9 out of every 10 software engineers I know does all their development on a mac
I work in video games, you know, industry larger than films - 10 out of 10 devs I know are on Windows. I have a work issued Mac just to do some iOS dev and I honestly don't understand how anyone can use it day to day as their main dev machine, it's just so restrictive in what the OS allows you to do.
It makes sense that you use Windows in a video game company. We use windows as well at work and it's absolutely awful for development. I would really prefer a Linux desktop, especially since we exclusively deploy to Linux.
I work as a consultant for the position, navigation, and timing industry and 10 of 10 devs were on Windows. Before that I worked for a big hollywood company and while scriptwriters and VP executive assistants had Macs, everyone technical was on Windows. Movies were all edited and color graded on Windows.
>it's just so restrictive in what the OS allows you to do.
The people using them typically aren't being paid to customize their OS. The OS is good for if you just want to get stuff done and don't want to worry about the OS.
I compile a tool we use, send it to another developer, they can't open it without going through system settings because the OS thinks it's unsafe. There is no blanket easy way to disable this behaviour.
We also inject custom dlibs into clang during compilation and starting with Tahoe that started to fail - we discovered that it's because of SIP(system integrity protection). We reached out to apple, got the answer that "we will not discuss any functionality related to operation of SIP". Great. So now we either have to disable SIP on every development machine(which IT is very unhappy about) or re-sign the clang executable with our own dev key so that the OS leaves us alone.
If it's being sent to another developer then asking them to run xattr -rd com.apple.quarantine on the file so they can run it doesn't seem insurmountable. I agree that it's a non-starter to ask marketing or sales to do that, but developers can manage. Having to sign and then upload the binary to Apple to notarize is also annoying but you put it in a script and go about your day.
If SIP is kicking in, it sounds like you're using the clang that comes with Apple's developer tools. Does this same issue occur with clang sourced from homebrew, or from LLVM's own binary releases?
Yes, it kicks in even with non apple supplied clang(most notably, with the clang supplied as part of the Android toolchain, since we sometimes build Android on MacOS and having to re-sign the google-supplied clang with our own certificate is now a regular thing every time there is an update released).
Because...it's official behaviour that is fully supported by clang? If you want to add a hook on compilation start, it's literally the documented way - you include your own dlib with necessary overrides and then you can call your own methods at each compilation step. Not even sure how you'd do it with a shell script? You need to have knowledge of all the compilation and linking units, which....you have from within Clang.
>>The errors caused by radiation are extremely frequent and you definitely must guard against them, otherwise anything will fail immediately in space.
I asked this in another thread but I will repeat it here - how come that their bog standard iPhones that they use for taking pictures with are still operating fine then? If like you said, "anything will fail immediately" - doesn't sound like that's the case? They have electronic watches with no radiation hardening, they have regular laptops with no radiation hardening.....I'm not saying that it's not a problem, but it definitely doesn't seem to be in the area of "immediately failing in space" if you don't have that.
As other posters have said, the personal devices of the astronauts are already used in spaces that are much better shielded against radiation than a typical satellite or the Mars helicopter.
Radiation shields add mass and volume, so it helps if the electronics is somewhat resistant to radiation, allowing for less efficient shields.
Even with the enhanced shielding, the personal devices experience errors from time to time, e.g. the photographs taken may have some wrong pixels and they sometimes have to reboot their laptops or smartphones, if weird behavior happens. Like others have said, these kinds of errors are not important, unlike in the computers that control the spacecraft, where errors are not acceptable, so those must use either hardware or software means to combat the effects of radiation errors.
Yes, but that wasn't the question. OP said anything that's not radiation hardened will fail immediately - to which I ask ok, what about all the stuff they brought up with them which doesn't seem to be instantly failing.
The radiation levels are much lower where humans live, otherwise they would not live for long. Without humans, thinner and lighter radiation shields are used, to reduce costs.
Theoretically, one could use the same electronic devices that are used on Earth, if one would add thick enough shields, but this is impractical, so one must make a compromise, by combining some less efficient shielding with devices more resistant to radiation.
The Mars helicopter had essentially no shielding, as it had to be extremely light to be able to fly in the Martian atmosphere.
Moreover, as explained in the parent article, the radiation levels are not constant. A great part of the radiation comes from the Sun, and that part fluctuates continuously (i.e. the so-called "space weather"). The electronic devices must be designed to withstand the peaks of solar radiation, even if the radiation levels are less than that much of the time.
The astronauts can shut down their personal devices, preventively, when there is a peak of solar radiation, or when they pass through the radiation belts.
Aren't the stakes a little different with an iPhone that you have for picture taking and entertainment vs the systems that manage your trajectory and life support?
The fact that a handful of devices hasn't failed is hardly proof that they can't. Hell, I've driven thousands of times and never actually NEEDED my seatbelt.
>>The fact that a handful of devices hasn't failed is hardly proof that they can't.
Again, that's not what I'm saying. I'm just challenging OP's assertion that any device with no radiation hardening will "immediately" fail, which clearly isn't the case with these devices. That's not me saying that radiation hardening isn't needed, quite the opposite.
(I have no expertise or knowledge of this area but...)
tl;dr: people need (heavy) radiation shielding, cpus et al can live without it
I'd imagine their bog standard iPhones and watches are generally in parts of the craft which have more radiation protection than others and, further, that it's probably only the parts where people are going to be that get that protection (due to weight savings, etc.) and if you can mitigate radiation problems by using a $30 CPU instead of a $2 CPU and save $100K of weight on radiation shielding on the CPU compartment, that's a no-brainer.
Time to mention the story of how Pepsi Co briefly had one of the largest navies in the world, because CCCP couldn't settle its debt to Pepsi with cash, so they accepted several warships instead.
https://www.atlasobscura.com/articles/soviet-union-pepsi-shi...
reply