Firefox for iOS and macOS. I have strict tracking protection [1] enabled on the former, and NoScript + uBlock Origin set up on the latter. I also use Little Snitch on the Mac.
I like the concept but share some of the blockchain concerns here. In particular, I'm interested in how the Gaia "driver model" [1] is actually architected, and how this compares to local storage:
> Gaia enables applications to access [it] via a uniform API.
HN's policy on paywalls is outlined in the FAQ [1]. Private Browsing mode is generally a good workaround:
> It's ok to post stories from sites with paywalls that have workarounds.
> In comments, it's ok to ask how to read an article and to help other users do so. But please don't post complaints about paywalls. Those are off topic.
The rationale explained by dang in a 2015 post [2] makes sense:
> Publications like NYT, WSJ, the Economist, and the New Yorker have paywalls that leave ways for readers to work around them. Such stories are OK to post to Hacker News. Yes, this sucks, but the loss of many substantive articles would suck worse.
HackerOne is a platform on which Valve runs a public program [1] that awards monetary bounties. I'm confused as to why Valve is allowed to forbid disclosure of "out-of-scope" reports and will only "generally" disclose reports in any case:
> Please note that we will not consent to disclose reports if they have been marked out-of-scope or inapplicable, or where Valve has not taken a specific corrective action / mitigation.
> Valve embraces transparency in our security. We will generally disclose the details of vulnerabilities found, upon request.
Qihoo has also employed dark patterns to push deceptive security practices around its own browser [1]:
> When you attempt to install other browsers, the 360 Safe Guards will allow the browser to be installed but will then popup saying not to let it become the default browser.
> When users of 360 Safe Guards run a check of their system, if they don't have the 360 browser installed it will give them a failing grade. If the user chooses another security software to protect their failing grade browser, the Safe Guards say no.
Also interesting is a statement by Opera on the 2016 acquisition [2]:
> The transaction would give Opera access to the extensive internet user base of Kunlun and Qihoo in China as well as the financing and other support of the Consortium that would allow for the full potential of the Company to be realized. At the same time, Kunlun and Qihoo would be able to cross-sell their products and services to the Opera user base, and benefit from Opera’s leading mobile advertising platform.
TL;DR: Microsoft bumps Azure max bug bounty to $40k, introduces Azure segregated hosts for researchers to test against, and formalizes their Safe Harbor terms [1].
> Login into Hero Trainer when you go for a run (gym check-ins will come in the future)
How would you calculate points earned for each run or gym visit? For the former, does the app rely on step count during the "tracked" period or does it incorporate outdoor GPS?
> Spectacle used it's own keyboard shortcut recorder, while Rectangle uses MASShortcut [1], a well maintained open source library for shortcut recording in macOS apps. This cuts down dramatically on the number of bugs that were only in Spectacle because of the custom shortcut recorder.
> [...] they would essentially be "dev devices." Think of them as iPhones that allow the user to do a lot more than they could on a traditionally locked-down iPhone.
It sounds like Apple might provide vetted researchers with development-fused devices [2]. In an official capacity, these have only been mentioned once - during a Black Hat talk by Ivan Krstić [3].
At least in part, the author seems to conflate 'collecting images of pax' with 'their usage of the IFE':
> Cathay confirmed it is collecting images of passengers while they're on board, monitoring their usage of the in-flight entertainment system (IFE) and how they spend time during the flight.
However, it sounds like Cathay are just using fixed cameras and not ones built into individual IFE screens:
> The airline said these images are captured via CCTV cameras fixed around the airplane and not from embedded seat-back cameras.
> Cathay's spokesperson said similar devices were not installed in its IFEs. "Our inflight entertainment systems do not have any cameras, microphones or sensors to monitor passengers, nor have they in the past."
Todos: I use Trello with a handful of boards, most containing Getting Things Done style lists (Today, Tomorrow, This Week, Sometime).
Note-taking: I settled on Bear after trying Apple Notes, Evernote, and OneNote. While I can't search inside scanned docs, the UX is polished and syncing is flawless if you're in the Apple ecosystem.
[1] https://support.mozilla.org/en-US/kb/tracking-protection-ios