How to read the news like a mathematician
Google has just updated its 2FA Authenticator app and added a much-needed feature: the ability to sync secrets across devices.
TL;DR: Don't turn it on.
The new update allows users to sign in with their Google Account and sync 2FA secrets across their iOS and Android devices.
We analyzed the network traffic when the app syncs the secrets, and it turns out the traffic is not end-to-end encrypted. As shown in the screenshots, this means that Google can see the secrets, likely even while they’re stored on their servers. There is no option to add a passphrase to protect the secrets, to make them accessible only by the user.
Why is this bad?
Every 2FA QR code contains a secret, or a seed, that’s used to generate the one-time codes. If someone else knows the secret, they can generate the same one-time codes and defeat 2FA protections. So, if there’s ever a data breach or if someone obtains access .... 🧵
A closer look at modified #RNA bases #biology
Space Colony Art from the 1970s
The cylinder becomes a kind of Eden regained in these space fantasies, an Arcadia retrofitted with solar panels and cosmic-ray shields.
The reason why Drax are my old friends is that if you ask Telehouse London for a renewable energy statement they will give you a certificate from Drax saying that they use "100% renewable energy".
We as taxpayers (still) fund them doing this and then they hand out certificates of greenwashing to other companies. It makes me even more sad how few people who asked me for those certs were interested in knowing more.
No, I will never stop going on about this.
The only page that lets you keep track of Oprah Winfrey, Mark Wahlberg, Christopher Biggins AND 1970s Tom Baker - I am producing a new show for @conservancy called The Corresponding Source. Just blogged about it. Give it a listen and see what you think 🙂
We need to end the pretence that burning wood is doing anything useful for the climate emergency. Change the law.
Important update from the "is this prime" game: 87 is now by far the most incorrectly tested number, ending just under 1 in 7 games.
After that, 51 and 57 are still almost neck and neck, ending 4.6% of games each.
The Campaign for Better Transport does great work lobbying the government to prioritise #bus, #rail and #foot.
Random old xkcd comic reminds me that I should re-read the Timothy Zahn novels from the Star Wars extended universe #Books
⚠️ Update: Live metrics show that X/Twitter has now been restricted in #Pakistan for over one week, with service remaining fully or intermittently restricted for most users; the incident comes amidst a surge in internet censorship during elections marred by irregularities 📉
All I know about public speaking, I've picked up from watching @bengoldacre. Alternate between talking quietly and LOUDLY, pack lots in, and shout something between sections.
RIGHT, SO he gives a talk on making sure clinical trials get published, medical data analysis preserves patient privacy, and GPs prescribe the safest, cheapest drugs… but with AUTOMATION and OPEN SOURCE.
Finally got around to writing a story about the i-SOON data leak (as opposed to just madly tooting about how interesting it is). Probably my favorite part of this leak shows an i-SOON employee proudly telling his boss that they successfully hacked one of the universities on the govt's target list, only to be told that university wasn't actually on the list. Whoops:
"A new data leak that appears to have come from one of China's top private cybersecurity firms provides a rare glimpse into the commercial side of China's many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation's burgeoning and highly competitive cybersecurity industry."
hence = from here
hither = to here
thence = from there
thither = to there
whence = from where
whither = to where
From the world of RNA: What's an Obelisk, anyway? "The list of things that we don’t know about these agents is lengthy." #Biology #Science
Leap Day approaching! Last time: #time #linux
Here’s a cautionary tale about digitisation of #archives
For the WW1 centenary, the National Library of Wales created, to pull together scans of primary sources relating to the period. By all accounts it was brilliant.
Naturally, like all such projects, the site disappeared once the money ran out, taking everything with it. Rip.
Hello! I post something interesting every few days.