• 0 Posts
  • 18 Comments
Joined 1 year ago
cake
Cake day: August 17th, 2023

help-circle

  • asmoranomar@lemmy.worldtoTechnology@lemmy.world*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    2 months ago

    Pagers are not guaranteed to be 1 way comms and bringing them into secure locations is a security violation. Additionally, depending on the classification, no unauthorized and undisclosed devices of any kind would be permitted, including any electronics or electronic media such as tapes, CDs, discs, etc. Even when I was issued a verified 1-way pager, I was specifically briefed I was not permitted to bring it into a classified location. Most of the highly classified SCIFS are shielded anyways, you can’t use it inside so it’s safer to leave it out, along with all other devices.

    If your organization allows it, then (if federal) they are breaking the law and should be reported/up-channeled. If it’s corpo, you should bring up additional concerns with your security team.

    Edit: Also, it goes without saying, current events are probably a good reason why pagers (and other devices) aren’t allowed in classified areas. While most focus on disclosure (getting out), we must not forget the risk of data/operations getting destroyed.




  • It was also a relief of command, not a court martial, not non-judicial punishment, not a demotion or and not a punitive action. It happened because it affected the image of the force, but not necessarily anything that is terribly bad. Relieving someone of command can be a precaution or a temporary measure, not always leading up to anything drastic. He will probably get additional training and a small mark on his record that will go away in a short time as long as the trend doesn’t continue. He may even still get to keep his command or just move somewhere else to command.


  • In some instances of private/public key systems, this is done. It’s mainly for the purpose of ensuring the recipient knows who the sender was and also ensuring the sender knows who the recipient is.

    Quick primer: If you encrypt with your private key, everyone knows it was sent by you. If someone encrypts with your public key, they know you will receive it. Use your private key and someone’s public key together and you know only that person got it.

    In practice, lately another step is added to negotiate a third temporary/session key. This ensures keys aren’t used forever, and if compromised a new one can be generated. This is more secure than encrypting twice, because you never know what data is sensitive and picking the wrong one requires the attacker to start from scratch.







  • From my understanding it’s the concept of trust. Basic passwords are complete trust that both ends are who they say they are, on a device that is trusted, and passing the password over the wire is sufficient and nobody else tries to violate that trust. Different types of techniques over time have been designed to reduce that level of trust and at a fundamental level, passkeys are zero trust. This means you don’t even trust your own device (except during the initial setup) and the passkey you use can only be used on that particular device, by a particular user, with a particular provider, for a particular service, on their particular hardware…etc. If at any point trust is broken, authentication fails.

    Remember, this is ELI5, the whole thing is more complex. It’s all about trust. HOW this is done and what to do when it fails is way beyond EIL5. Again, this is from my own understanding, and the analogy of hardware passwords isn’t too far off.







  • Bought stove last March. Was cooking on it in Dec and the glass top melted. It’s clearly melted and the glass is not cracked. Called it in, and they lost my claim. I sent another and they sent out their own specialist. The guy was a Samsung shill, and he only looked at the stove and, without talking to me as I’m standing there, called it in and said it was cosmetic damage caused by user. He then left telling me that my stoves warranty ran out 3 months after I bought it and that I had to call it in again to get their determination. I did, and they said the claim was closed out citing I caused the damage.

    So, either Samsung thinks I took a blowtorch to it, or they refuse to perform a proper diagnostic or send an independent technician. They would prefer my house to burn down, than to admit even a little bit of fault. Worse still, I don’t know what to do, because any action I take would get ignored (they haven’t responded to bbb or states consumer protection reports and both have no legal authority to make them). Trying to repair it myself would allow them to push harder on user fault, and I don’t have money to take legal action.

    If that wasn’t bad enough, my sister is going through the same thing with a dryer she bought that died 4 days before the warranty expired.